Warning for Dropbox, Telegram and AnyDesk PC Users! Malicious Actors Are Using Google Ads to Steal Your Information

One of the most common ways in which a malicious actor might try their best to steal some of your personal data would be through the use of infostealers. This is a type of malware that can provide a crook with vast amounts of personal data that you would have undoubtedly preferred to keep private, but the thing that makes this malware even more sinister is that the various actors that are currently making use of them are delivering them to numerous systems through the use of Google Ads, as reported by Morphisec.

These are pay per click ads which make it so that you might just end up seeing some kind of infostealer at the top of your Google search results, and this will most likely greatly increase the efficacy of this malware whenever it ends up being used. The malware is cloaked through fake versions of popular apps such as Dropbox, AnyDesk and Telegram, and this further increases the likelihood that users would be comfortable downloading them since the first thing that most users tend to look for when they are wary of malware is an app that they are not all that familiar with at present.

A user will generally see the advertised malware as an ad for one of the aforementioned apps, though research has shown that only users in the US are currently being subjected to these attacks. The download itself will consist of an ISO image/file, and one way in which these malicious actors are able to evade Google’s rather comprehensive scans is through the size of this image which is often in excess of 100MB. The malware contained within this ISO image, usually something like Redline, is further obfuscated through the use of well known programs in this vein such as Deep Sea.

It is the combination of these various obfuscation methods that ends up making the implementation of these infostealers so effective, and the terrible thing is that most of the malicious actors that are using this malware and distributing it through the use of pay per click Google Ads have been getting away with it so far.

Google has yet to comment on the issue which might be an indication that the company has been caught off guard, but the problem has not yet gotten to a point where it would be impossible to end up fixing. Hence, it is relatively likely that Google will be able to create a fix for this in time, though this definitely serves as an example of how dangerous the web still is even though various tech companies tend to put a lot of checks and balances in place since malicious actors are consistently trying to figure out ways to bypass these security protocols.

Read next: More Than 75 Percent of Stolen Data Contains Personally Identifiable Information, Study
Previous Post Next Post