Admin

Google Ads spreading dangerous new Mac malware




Hackers have recently launched a malicious Google Ads campaign targeting individuals who are interested in the new Arc browser. The objective of this campaign is to install information-stealing malware on Mac devices. This alarming discovery was made by cybersecurity researchers at Malwarebytes.

The campaign, attributed to an entity called ‘Coles & Co,’ directs users to a website with the domain name archost[.]org. However, upon clicking the link, victims are redirected to arc-download[.]com, a fraudulent site that claims to offer the Arc browser exclusively for Mac users.

At first glance, the downloaded DMG file appears to behave like a legitimate file. However, it incorporates a right-click-to-open trick that bypasses security protections. Unbeknownst to the victims, they are actually downloading a variant of Atomic Stealer (AMOS) called Poseidon, which is an infostealer capable of extracting various types of information from the targeted Mac devices.
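One way to hunt for this pattern in web proxy logs is shown below. It is an added example, not code from Malwarebytes or from the original article. It flags `.dmg` downloads from untrusted hosts that follow an ad click within a short window and records the hosts visited in between. The ad-click URL markers, the trusted vendor domain, the time window, the client names and the log records are all assumptions or constructed samples; only the two defanged domains come from the article.

```python
from urllib.parse import urlparse

# Assumptions (not from the article): ad-click URL markers, the trusted
# vendor domain and the correlation window. Tune all three for your proxy.
AD_CLICK_MARKERS = ("googleadservices.com/pagead/aclk", "www.google.com/aclk")
TRUSTED_DMG_DOMAINS = {"arc.net"}
WINDOW_SECONDS = 120

def refang(indicator):
    """Turn a defanged indicator (name[.]tld) back into a hostname."""
    return indicator.replace("[.]", ".")

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DMG_DOMAINS)

def find_ad_driven_dmg_downloads(records):
    """Flag .dmg downloads from untrusted hosts that follow an ad click."""
    last_click = {}  # client -> time of its most recent ad click
    chain = {}       # client -> hosts seen since that click, in order
    findings = []
    for ts, client, url in sorted(records):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if any(marker in url for marker in AD_CLICK_MARKERS):
            last_click[client], chain[client] = ts, []
            continue
        if client not in last_click or ts - last_click[client] > WINDOW_SECONDS:
            continue  # no recent ad click for this client
        if host not in chain[client]:
            chain[client].append(host)
        if parsed.path.lower().endswith(".dmg") and not is_trusted(host):
            findings.append({"client": client, "url": url, "chain": list(chain[client])})
    return findings

# Constructed proxy records: (epoch_seconds, client, url).
AD_DOMAIN, LANDING_DOMAIN = refang("archost[.]org"), refang("arc-download[.]com")
SAMPLE_RECORDS = [
    (1000, "mac-17", "https://www.googleadservices.com/pagead/aclk?sa=L"),
    (1001, "mac-17", f"https://{AD_DOMAIN}/"),
    (1002, "mac-17", f"https://{LANDING_DOMAIN}/"),
    (1030, "mac-17", f"https://{LANDING_DOMAIN}/download/Arc.dmg"),
    (2000, "mac-22", "https://arc.net/download/Arc.dmg"),  # direct, trusted host
    (3000, "mac-31", "https://www.googleadservices.com/pagead/aclk?sa=L"),
    (3005, "mac-31", "https://arc.net/download/Arc.dmg"),  # ad click, trusted host
]

if __name__ == "__main__":
    for f in find_ad_driven_dmg_downloads(SAMPLE_RECORDS):
        print(f"{f['client']}: {f['url']} via {' -> '.join(f['chain'])}")
```

A hit is a lead for triage on the endpoint, not proof of infection, since legitimate software is also advertised and downloaded this way.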

Poseidon can access sensitive files, cryptocurrency wallet data, stored passwords, and browser data. The malware author, who goes by the alias Rodrigo4, revealed that there is a significant amount of code overlap between AMOS and Poseidon. However, the decision to create a separate brand for Poseidon was motivated by the desire for recognition within the underground community.

The ability of hackers to utilize Google Ads to distribute malware is a concerning development. These malicious ads can appear at the top of search engine results pages, greatly increasing the likelihood of unsuspecting users falling victim to the attack. The process behind such malvertising campaigns involves threat actors compromising Google business accounts that are authorized to run advertising campaigns and have linked credit cards for payments. They then create fraudulent ad campaigns that promote nefarious websites, boosting their visibility on search engine results pages.

As cybersecurity experts issue warnings about the dangers of searching for things online, it is becoming increasingly important for users to exercise caution. Rather than blindly clicking on search results, security-conscious individuals are advised to type known addresses directly into the browser to reduce the risk of encountering malicious links.

The prevalence of these types of attacks and the sophistication of hackers’ tactics underline the necessity for robust cybersecurity measures. Individuals and businesses alike must adopt comprehensive security practices to protect their devices and data from such threats.

One important aspect of a strong cybersecurity strategy is keeping all software, including browsers, up to date. Regular updates often include patches that address vulnerabilities and protect against known forms of malware. It is also crucial to implement strong password practices, such as using unique and complex passwords for each online account. Additionally, utilizing two-factor authentication provides an extra layer of security by requiring an additional verification step, such as a one-time code sent to a user’s mobile device.

Education and awareness are key in the fight against cybercrime. Users should be vigilant when encountering suspicious websites or links, especially when they claim to offer exclusive or limited-time deals. By exercising caution and relying on trusted sources, individuals can minimize their exposure to online threats.

As for organizations, a multi-layered approach to cybersecurity is essential. This includes implementing firewalls, antivirus programs, and intrusion detection systems, as well as conducting regular security audits and employee training programs to promote a security-conscious culture. It is also advisable to regularly back up important files and data to ensure that they can be recovered in the event of a cyber incident.

In conclusion, the malicious Google Ads campaign targeting individuals interested in the new Arc browser serves as a stark reminder of the ever-present threat of cybercrime. Hackers continue to evolve their tactics to exploit vulnerabilities and deceive unsuspecting users. By staying informed, adopting comprehensive security practices, and remaining vigilant, individuals and organizations can greatly reduce their risk of falling victim to these types of attacks.


