Tag: Google Ads
-
Operation Poseidon: Konni Group Hijacks Google & Naver Ad Links to Deploy EndRAT
The campaign designated as “Operation Poseidon” has been identified as a sophisticated targeted assault, wherein adversaries exploited advertising traffic redirection mechanisms to circumvent electronic mail filters and diminish user vigilance. The cornerstone of this stratagem was the utilization of link structures from Google Ads and Naver, enabling the masking of deleterious transitions as legitimate promotional…
-
n8mare on Auth Street: First n8n Supply Chain Attack Steals OAuth Tokens
A sophisticated supply chain offensive recently compromised the n8n workflow automation ecosystem, as adversaries infiltrated the npm repository with malicious packages camouflaged as legitimate integration modules. According to research by Endor Labs, the primary objective of this campaign was the exfiltration of developers’ OAuth tokens, granting unauthorized access to critical services such as Google Ads,…
-
The Ad Trap Closed: DOJ Seizes Global Control Hub Behind $28M Bank Fraud
U.S. law enforcement authorities have announced the seizure of a domain used in a large-scale scheme to steal bank accounts. According to the U.S. Department of Justice, the site—web3adspanels[.]org—served as a control hub for harvesting stolen credentials and enabling remote access to victims’ banking accounts. Visitors to the domain now see a notice stating that…
-
GPUGate: The Supply Chain Attack That Hides Malware in Plain Sight
Researchers at Arctic Wolf have reported a new campaign, dubbed GPUGate, in which adversaries exploit Google Ads and fraudulent GitHub commits to distribute malware targeting IT firms and developers across Western Europe. Active since at least December 2024, the operation masquerades as downloads of GitHub Desktop, but the links instead redirect to the counterfeit domain…
-
Beware: Fake PDF Editor Spreads Dangerous Infostealer via Google Ads
Experts at Truesec have reported a large-scale malicious campaign in which attackers promoted a fake PDF-editing application, AppSuite PDF Editor, through Google Ads. Beneath its veneer of legitimacy lurked the TamperedChef infostealer, capable of siphoning confidential data from compromised devices. Analysis revealed that the operation was orchestrated by a well-structured group leveraging multiple applications designed…
-
Warning: New “Search Poisoning” Scam Injects Fake Support Numbers on Legitimate Brand Sites
Fraudsters have developed a method to intercept search queries from users seeking 24/7 customer support from companies such as Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. By posing as legitimate support representatives, they deceive individuals into divulging personal information or granting remote access to their devices. This warning comes from Jérôme Segura,…
-
Google simplifies the ad creation process with auto-generated artificial intelligence
In the wake of numerous product and service announcements integrating generative artificial intelligence technologies at Google I/O 2023, Google has affirmed its commitment to further streamline the advertising process through the application of artificial intelligence, enhancing the efficacy of ad exposure. Leveraging natural language understanding capabilities, Google can now employ artificial intelligence to analyze and…