MalwareTech
Posted January 18

It seems like after Microsoft moved to limit Office macros, there has been a resurgence in other techniques such as malvertising and ISO attachments. Recently there was a viral thread about some NFT dude getting hacked by a fake OBS (popular streaming software) ad that appeared above the real website in Google search results. A bunch of different people have done digging and found an insane number of malicious ads impersonating OBS, Audacity, and more.

Here is a list from https://raw.githubusercontent.com/CronUp/Malware-IOCs/main/2023-01-17_Arechclient2_GoogleAds

In some cases people have found 5+ malicious ads in the same search, all of which rank higher than the real website. A lot seem to lead to RedLine Stealer or other infostealers.

More info: https://www.bleepingcomputer.com/news/security/hackers-turn-to-google-search-ads-to-push-info-stealing-malware/

Stay safe out there and probably get an adblocker!