{"id":156188,"date":"2023-01-24T21:27:43","date_gmt":"2023-01-25T03:27:43","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/01\/ransomware-access-brokers-use-google-ads-to-breach-your-network"},"modified":"2023-01-24T21:27:43","modified_gmt":"2023-01-25T03:27:43","slug":"ransomware-access-brokers-use-google-ads-to-breach-your-network","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/01\/ransomware-access-brokers-use-google-ads-to-breach-your-network","title":{"rendered":"Ransomware access brokers use Google ads to breach your network"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/ransomware-access-brokers-use-google-ads-to-breach-your-network2.jpg\"><\/a><\/p>\n<p>A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims\u2019 passwords, and ultimately breach networks for ransomware attacks.<\/p>\n<p>Over the past couple of weeks, cybersecurity researchers <a href=\"https:\/\/twitter.com\/malwrhunterteam\" target=\"_blank\" rel=\"nofollow noopener\">MalwareHunterTeam<\/a>, <a href=\"https:\/\/twitter.com\/1ZRR4H\" target=\"_blank\" rel=\"nofollow noopener\">Germ\u00e1n Fern\u00e1ndez<\/a>, and <a href=\"https:\/\/twitter.com\/wdormann\" target=\"_blank\" rel=\"nofollow noopener\">Will Dormann<\/a> have illustrated how Google search results have become a <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-push-malware-via-google-search-ads-for-vlc-7-zip-ccleaner\/\" target=\"_blank\">hotbed of malicious advertisements pushing malware<\/a>.<\/p>\n<p>These ads pretend to be websites for popular software programs, like LightShot, Rufus, 7-Zip, FileZilla, LibreOffice, AnyDesk, Awesome Miner, TradingView, WinRAR, and VLC.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims\u2019 passwords, and ultimately breach networks for ransomware attacks. Over the past couple of weeks, cybersecurity researchers MalwareHunterTeam, Germ\u00e1n Fern\u00e1ndez, and Will Dormann have illustrated how Google search results have become a hotbed of malicious advertisements pushing [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-156188","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=156188"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156188\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=156188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=156188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=156188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}