"BlackCat Ransomware Gang Targets Businesses Via Google Ads"

According to security researchers at eSentire’s Threat Response Unit (TRU), the notorious ALPHV/BlackCat ransomware has been observed using Google Ads to distribute malware.  In a new advisory published recently, the researchers said it intercepted and thwarted attempts by ALPHV/BlackCat affiliates to breach a law firm, a manufacturer, and a warehouse provider within the past three weeks.  The new tactic the researchers observed involves using Google Ads promoting popular software like Advanced IP Scanner and Slack, leading business professionals to attacker-controlled websites.  The researchers noted that these professionals, thinking they are downloading legitimate software, unwittingly install the Nitrogen malware.  Nitrogen serves as initial-access malware, providing intruders with a foothold in the target organization’s IT environment.  Once established, the hackers infect the victim with ALPHV/BlackCat ransomware.

Infosecurity reports: "BlackCat Ransomware Gang Targets Businesses Via Google Ads"