Malvertising, using PyCharm as an example: how contextual advertising deceives Python developers

The owner of a wedding firm unwittingly became an accomplice of cybercriminals.

A new malvertising campaign has been discovered that promotes infected versions of PyCharm through the Google search engine.

Attackers embedded malicious code into the website of an unnamed wedding planning firm. This code automatically created an ad in Google Ads to promote PyCharm, a popular tool for Python developers. When users searched for the program through Google, the system showed them a fake ad leading to the infected page.

The version of PyCharm hosted on the site installed more than ten different types of malware on the victim's computer once downloaded. The owner of the hacked site became an unwitting accomplice of the criminals, paying for the fraudulent ad impressions out of his own budget.

According to experts, the cause lies in how Google Ads works. When a user enters keywords in the search bar that match the content of a website, a contextual ad is automatically generated on behalf of that site. This is how attackers pass off malicious links as useful content from trusted platforms.

Most recently, Akamai released a detailed report on similar attacks targeting hotels and hotel customers around the world. In this case, attackers use search engine optimization (SEO) to make fake sites rank highly in search results. Contextual advertising is used in the same way.

According to Akamai, the threat is global in nature. Analysis of DNS traffic detected hackers in countries such as Switzerland, Hong Kong, and Canada. It is obvious that the attackers are not limited to one specific region.

Initially, the researchers assumed that the campaign was launched in September 2023, but it later turned out that the domain names used to distribute the malware were registered and requested by the attackers back in June. This means that preparations for the attack were under way for at least three months.

Over the past six months, hackers have exploited Google services quite often. Recently, we wrote about what malvertising is and how else Google Ads helps attackers carry out their plans.
 