GAGANDEEP SINGH
03-May-2023
Several cybersecurity researchers reported a rise in threat actors using Google Ads to spread malware in Search results.
Security researchers discovered a new malware known as LOBSHOT, which is being distributed using Google Ads.
The malware allows threat attackers to take over the infected Windows device using hVNC cautiously.
The Google Ads campaign impersonated numerous websites & of course, pushed malware instead of actual apps.
As per the threat researchers, the malware executes a command & downloads DLL data from the website.
When the malware is executed, it checks if the Microsoft Defender is running and, if detected, ends the execution.
After all that, the malware also checks for nine Microsoft Edge wallet extensions, wallets & more.
By utilizing the hVNC, the attacker now has full control over the machine, allowing them to steal data & more.