"Ransomware Access Brokers Use Google Ads to Breach Your Network"

DEV-0569 is a threat actor observed using Google Ads in ongoing advertising campaigns aimed at distributing malware, stealing credentials, and ultimately compromising networks for ransomware attacks. In recent weeks, cybersecurity researchers have demonstrated how Google search results have become a nest for malicious advertisements spreading malware. These advertisements pose as websites for well-known software, such as LightShot, Rufus, 7-Zip, FileZilla, LibreOffice, AnyDesk, Awesome Miner, TradingView, WinRAR, and VLC. These malicious advertisement campaigns have been used to distribute RedLine Stealer, Gozi/Ursnif, Vidar, and more. This article continues to discuss findings regarding the use of Google Ads by ransomware access brokers. 

Bleeping Computer reports "Ransomware Access Brokers Use Google Ads to Breach Your Network"

Submitted by Anonymous on