Adrian Johnson
TLDR:
- Cybercriminals are using Google search ads to deliver malicious payloads through fake ads for Slack.
- Nearly 500 malvertising incidents related to Google search ads have been reported in the past year, indicating coordinated campaigns by threat actors.
Cybercriminals have been exploiting Google search ads to deliver malicious payloads through seemingly legitimate ads for the popular communication tool Slack. Over the past year, nearly 500 unique malvertising incidents related to Google search ads have been reported, suggesting coordinated campaigns by threat actors. These malicious ads may initially appear legitimate but eventually redirect users to malicious domains, such as slack-windows-download[.]com, which impersonates Slack and offers a download link to a remote access Trojan with stealer capabilities. To combat this threat, cybersecurity firms like Malwarebytes have enhanced their detection coverage and reported malicious ads to Google. It is crucial for users to remain vigilant and adopt proactive security measures to protect against evolving cyber threats.
