In 2023, most internet users are aware of the potential risks and dangers that come with using the online world. Cyber-criminals are constantly developing new ways to steal people's personal data and extort large ransoms, leaving many users vulnerable.
To avoid these attacks, it's important to follow commonsense precautions, such as avoiding freeware sites that promote illegitimate or cracked versions of popular software and not opening email attachments from unknown senders.
However, even when engaging in best practices online, some cyber-crimes occur without the user being immediately aware. A prime example of this is "malvertising" — an insidious threat that has the ability to rope in unsuspecting victims.
What is malvertising?
Malvertising is a dangerous type of cyber-attack that exploits online advertising networks to spread malicious content, such as malware and ransomware. Attackers disguise malicious code in advertisements for popular products, services, and websites, which can then redirect users to malicious websites or install malware on devices when clicked on.
This type of attack is particularly insidious because it can be difficult to detect, so internet users need to exercise extra caution when browsing the web and clicking on advertisements. Malvertising campaigns sometimes use vulnerable applications like JavaScript and Flash Player to deliver the malicious payloads instead of simply redirecting away from legitimate sites, making them even more hazardous.
Traditionally, in order to protect against this type of attack, internet users need only stay alert while browsing the web and be sure to download new programs that are part of software bundles that may contain browser extensions.
But what happens when you naïvely go to one of the most reputable and universally trafficked search engines in the world, Google, only to find yourself victimized — not by malvertising hacks executed via infiltrated ads, but by advertisements that were actually approved and then promoted on the Google Ads platform?
How Are Hackers Using Google Ads to Steal Data and Spread Malware?
Hackers have recently been exploiting the Google ads platform to victimize individuals and entities in both the private and public sectors. Reports indicate that Google has been duped into running fake ads for products and services such as Adobe Reader, Microsoft Teams, OBS, Slack, and Thunderbird.
These malicious ads lead users to malware gangs like AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. This major breach of security seems to be an indictment of Google's lax policies rather than a sophisticated new attack from the online underworld.
According to a statement from Google on the matter, "[b]ad actors often employ sophisticated measures to conceal their identities and evade our policies and enforcement. To combat this over the past few years, we've launched new certification policies, ramped up advertiser verification, and increased our capacity to detect and prevent coordinated scams. We are aware of the recent uptick in fraudulent ad activity. Addressing it is a critical priority, and we are working to resolve these incidents as quickly as possible."
These failures on the part of Google is startling, especially considering that in 2022, Google's ad revenue was $224.47 billion. Additionally, the fact that they are technically a participant in these online schemes potentially opens up the organization up to liability, as the organization may possibly be considered to be operating as an accessory to cyber-crime.
Google needs to take action in order to prevent the continued exploitation of its business model by online criminals. This is an issue that does not get enough news coverage, but it is nonetheless a serious problem that must be addressed if customers are to continue trusting Google. As one of the world's largest companies and most profitable organizations, Google has the resources at its disposal to increase security protocols by hiring more personnel and creating stricter vetting process for advertisers. In doing so, it would make significant progress toward protecting consumers from becoming victims of cyber-crime and fraud.
The internet advertising mechanisms that currently exist, which already include the annoying adware programs like "Pdf download tool" that bombards users with sponsored ads and browser hijackers and extensions like Infinity Search that literally take over your online search attempts, are dangerous enough. But if Google, which is regarded as the gold standard among search engines, ceases to be safe for web browsers, where will novice internet-surfers be able to turn to in order to conduct safe searches online?
Julio Rivera is a business and political strategist, editorial director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cyber-security and politics, has been published by many of the most heavily trafficked websites in the world.
Image via Pixnio.