These Google Ads Are Using ChatGPT to Market Malware

Google ads have become somewhat notorious because of the fact that this is the sort of thing that could potentially end up taking you to suspicious sites that could put your system at risk. It turns out that threat actors have been advertising popular software such as ChatGPT, claiming that users can download it by clicking on the ad, only to infect users with malware.

With all of that having been said and now out of the way, it is important to note that the RomCom malware might be at play here. It has the potential to drop payloads that can provide backdoors into your systems, thereby making you less secure than might have been the case otherwise.

Another major issue that can occur due to the presence of this malware is that you may end up having screenshots taken of your screen which is dangerous since it can lead to various types of identity theft. Malicious actors can also harvest browser cookies, acquire data pertaining to any crypto wallets that you may have on your system, personal messages that you have exchanged with other people along with login data from any and all accounts that you own.

One thing that bears mentioning is that ChatGPT was not the only software that ended up being impersonated in this Google Ad campaign. AstraChat, System Ninja as well as a Remote Desktop Manager offered by Devolutions was also used to provide legitimacy to these ads with all things having been considered and taken into account.

Many of the targets of these campaigns happen to be based in Europe, with Eastern Europe in particular being a prime focus for malicious actors behind these ads. It is imperative that consumers be educated on the pitfalls of downloading software from websites that you are not already familiar with.

This is not the first time that Google Ads have been used for these malicious purposes, and it very likely won’t be the last. Apart from consumer education, Google also has a responsibility to establish more robust vetting processes in order to keep users safe from harm.

Read next: Scammers Exploit Gmail's Verification System and Google's Response Raises Doubts
Previous Post Next Post