Malware Delivered through Google Search

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently.

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.

[…]

It’s clear that despite all the progress Google has made filtering malicious sites out of returned ads and search results over the past couple decades, criminals have found ways to strike back. These criminals excel at finding the latest techniques to counter the filtering. As soon as Google devises a way to block them, the criminals figure out new ways to circumvent those protections.