Not only in a mousetrap: what searching for free software through Google can lead to

Researchers have once again raised the issue of search engine security.

Google continues to fight cyber fraudsters who place malicious ads on the popular search platform. Attackers are doing their best to get people to download malicious copies of popular free apps.

Such ads usually appear higher in the search results than official sites for downloading the same software, which misleads inexperienced users, creating a false sense of legitimacy.

In addition, in July and December of last year we already reported that experienced attackers are able to show the official website of the target program or service in the ad as bait, while clicking the ad leads, after a series of redirects, to a phishing page.

Although the problem has existed for many years, Google constantly repeats that user safety is its priority and that thousands of employees work around the clock to create and apply anti-abuse policies.

Of course, the efforts of the "corporation of good" and its employees cannot be discounted, but examples of malicious advertising still appear in the search results too often.

For example, independent security researcher Brian Krebs recently discovered that when you search Google for the free graphic design program FreeCAD, a sponsored ad in the top search results leads to the site "freecad-us[.]org", but, of course, this page has nothing to do with the official website of the program.


Often, attackers take no special care and host dozens or even hundreds of fake websites that piggyback on well-known brands on the same IP address. For instance, DomainTools.com identified more than 200 domains offering downloads of various free software hosted at the address "93.190.143[.]252".

Some of these sites only copy content from legitimate sources, while others offer program downloads that may be malicious. Tom Hegel of SentinelOne, who has been tracking such domains for more than a year, says that such sites often first publish legitimate copies of programs to build up downloads and reputation, and then, after some time, replace them with malicious ones.

SentinelOne's February 2023 report draws a clear parallel between the rise in fraudulent advertising and the increase in malware infections. Hegel notes that although the volume of such advertising has decreased compared to last year, the threat remains relevant.

Google claims that in 2022 alone, 5.2 billion malicious ads were removed and more than 4.3 billion were prevented from being published, while more than 6.7 million ad accounts were suspended. However, it remains a mystery why the company did not block other suspicious domains as well.

Domestic search engines have a similar problem, so you can hardly blindly throw stones at Google: the problem is global and, apparently, cannot be solved with a snap of the fingers, although search service developers need to strive for this.

To avoid the risk of malware infection through ads, it is recommended to simply skip the block of sponsored sites in the search results and download exclusively from official resources. Even if the sponsored page looks like "anydesk[.]com", there is no guarantee that clicking on it will take you to the specified site.

To protect yourself from this threat, you can install an ad blocker in your browser, which will completely hide sponsored sites and protect you from accidentally clicking on a fraudulent ad.

When installing software, you should not rush. It is important to exercise caution and vigilance by carefully checking each link before clicking. This is the only way to protect yourself from unintentional malware installation.
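
The two situations described above, a sponsored link whose displayed address differs from where the click actually lands and a lookalike domain such as "freecad-us[.]org", can be checked automatically. This is an added example, not part of the original post; the allowlist of official domains, the function names and the redirect chains are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: an allowlist of official download domains kept by the defender.
OFFICIAL = {"freecad": "freecad.org", "anydesk": "anydesk.com"}

def host_of(url):
    """Lower-cased hostname; a defanged '[.]' is restored for parsing only."""
    url = url.replace("[.]", ".")
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def classify(host):
    """Return (verdict, brand): official, lookalike or unrelated."""
    for brand, domain in OFFICIAL.items():
        if host == domain or host.endswith("." + domain):
            return "official", brand
    for brand in OFFICIAL:
        # Brand name inside a host that is not on the official domain.
        # Misspellings and homoglyphs are not covered by this check.
        if brand in host:
            return "lookalike", brand
    return "unrelated", None

def check_ad(display_url, hops):
    """Compare what the ad displays with where the recorded redirects end."""
    if not hops:
        return "unknown"
    shown_verdict, shown_brand = classify(host_of(display_url))
    final_verdict, final_brand = classify(host_of(hops[-1]))
    if final_verdict == "official" and shown_brand in (None, final_brand):
        return "ok"
    if shown_verdict == "official":
        return "display-spoofed"  # ad shows the real site, click lands elsewhere
    if "lookalike" in (shown_verdict, final_verdict):
        return "lookalike"
    return "unknown"

# Constructed samples: (address shown in the ad, recorded redirect chain).
SAMPLES = [
    ("freecad-us[.]org", ["https://freecad-us.org/"]),
    ("anydesk[.]com", ["https://ads.example/click?id=1",
                       "https://anydesk.download.example/"]),
    ("www.anydesk.com", ["https://ads.example/click?id=2",
                         "https://anydesk.com/en/downloads"]),
]

if __name__ == "__main__":
    for shown, hops in SAMPLES:
        print(shown, "->", host_of(hops[-1]), ":", check_ad(shown, hops))
```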