Bleeping Computer has written an article covering a malicious campaign abusing Google ads that was discovered by researchers from Sentinel Labs. The malvertising campaign redirected victims to a fake Amazon Web Services login page, registered to what is believed to be a Brazilian threat actor. The most notable thing to remember is that in many instances the bad ads rank very high in the search results. For instance, when searching for “aws,” this campaign’s malicious result appeared second, right behind Amazon’s own promoted search result. WaterISAC continues to track this social engineering tactic of promoting content in search results to trick unsuspecting users to visit malicious sites. Read more at Bleeping Computer.
Prior WaterISAC Reporting on Google Ads Search Abuse