Cyber criminals will always find a way to attack and a new way of computer infection was recently discovered using the ads in the search engine Google.
Based on the creation of fake sites and advertising so that the page appears in the first search results of the platform, the attackers intend to deceive users.
Malware through advertising
There are already several cases that are known about this type of cyber attack, with which criminals want the person to access the page and download software, which is actually a virus.
One of them is promoting OBS (Open Broadcaster Software)which is a program to broadcast live on digital platforms such as Twitch, Facebook and YouTube. When users search Google the application may appear as the first result an ad from a false page.
It may interest you: This is how you can change the country of Google Play Store accounts
Without knowing it, the person enters and downloads the program in an .EXE file format, which is usual for this type of process, but when cybercriminals install themselves, they manage to take control of some accounts such as social networks or cryptocurrency wallets and clone computer data
The scope of this attack affected an influencer from the NFTs in Twitterwho downloaded and installed the app from the fake ad and was later alerted to the attack, but it was too late and his cryptocurrency account had been taken over by someone else, losing his money and NFTs.
“Last night my entire digital livelihood was breached. All my personal and professional accounts were hacked and used to harm others. And what is less important, I lost an amount of my net worth that changed my life, ”said Alex, as he is known, in his profile.
But this is not the only case that has been known so far. As reported by users in Reddit, when searching for graphics drivers AMD to download them in Googlean ad for a fake page appeared in the first result.
It may interest you: Google Podcasts could migrate its services to YouTube
A situation that also happened with VLCthe free multimedia player developed by the VideoLAN foundation, which was incorporated into a fake website, as detected Trend Microcalling this type of attack ‘search engine optimization (SEO) poisoning’.
“Search engine results may be contaminated to download malicious files by SEO poisoning and legitimate tools may perform malicious behavior because they were abused,” the researchers commented.
As it is paid content, the search engine positions the fraudulent site above the official ones, which are the ones that provide guarantees so that users can download the programs without any problem.
This situation should put users on alert, who should verify very carefully from where they download software to their computer. The best option is to avoid accessing from a search engine, if not manually type the link of the original page of the brand to avoid taking risks. In addition, normally companies do not advertise for their programs to be downloaded.
This measure must be reinforced by constantly updating the computer and the browser so that they have the appropriate defense tools and continually changing the access passwords to the other platforms.
Keep reading:
