Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Mac users served info-stealer malware through Google ads
More reasons to use an ad-blocker, and never click on a Google ad that slips through.
Google "verifies" malware sites. (image shown below)
I mostly use DuckDuckGo for search, and use Google only as a desperate last resort.
https://arstechnica.com/security/2024/06/mac-info-stealer-malware-distributed-through-google-ads/
Mac malware that steals passwords, cryptocurrency wallets, and other sensitive data has been spotted circulating through Google ads, making it at least the second time in as many months the widely used ad platform has been abused to infect web surfers.
The latest ads, found by security firm Malwarebytes on Monday, promote Mac versions of Arc, an unconventional browser that became generally available for the macOS platform last July. The listing promises users a “calmer, more personal” experience that includes less clutter and distractions, a marketing message that mimics the one communicated by The Browser Company, the startup maker of Arc.
According to Malwarebytes, clicking on the ads redirected web surfers to arc-download[.]com, a completely fake Arc browser page that looks nearly identical to the real one.
Digging further into the ad shows that it was purchased by an entity called Coles & Co, an advertiser identity Google claims to have verified.
The latest ads, found by security firm Malwarebytes on Monday, promote Mac versions of Arc, an unconventional browser that became generally available for the macOS platform last July. The listing promises users a “calmer, more personal” experience that includes less clutter and distractions, a marketing message that mimics the one communicated by The Browser Company, the startup maker of Arc.
According to Malwarebytes, clicking on the ads redirected web surfers to arc-download[.]com, a completely fake Arc browser page that looks nearly identical to the real one.
Digging further into the ad shows that it was purchased by an entity called Coles & Co, an advertiser identity Google claims to have verified.
The malware code sends data to the IP address 79.137.192[.]4. The address happens to host the control panel for Poseidon, the name of a stealer actively sold in criminal markets.
3 replies
= new reply since forum marked as read
= new reply since forum marked as read
