Fake Google Ads Promote Malware Sites With Authenticator App

ScamMalware

Cybercriminals use Google ads that link to fake sites promoting the malicious Google Authenticator app.

Redamp.io | Mandrake Android Spyware | Rogue USB Drive

Victim To Its Own Ad Platform

For years, malicious campaigns have targeted the Google search platform, where cybercriminals place ads that mimic well-known software sites to install malware on visitors' devices.

If you attempted to download the popular Google Authenticator (a multi-factor authentication app) through a Google search in recent days, you might have accidentally installed malware on your computer.

Cybercriminals have managed to create Google search ads that display legitimate domains, enhancing the trustworthiness of the advertisements.

In a newly discovered malicious campaign by Malwarebytes , threat actors crafted ads that appear among the first results when users search for Google Authenticator on Google.

Redamp.io | Mandrake Android Spyware | Rogue USB Drive

The reality is that Larry Marr has no affiliation with Google and is likely a fake account. The ad's credibility is enhanced by displaying google.com and https://www.google.com as the click URL, which clearly should not be permitted for advertisements created by third parties."

Clicking on the fake Google Authenticator ads redirects the visitor through a series of links, ultimately landing on chromeweb-authenticators.com, a site impersonating a genuine Google portal."

Redamp.io | Mandrake Android Spyware | Rogue USB Drive

Clicking the Download Authenticator button on the fake sites initiates the download of a signed executable named Authenticator.exe, which is hosted on GitHub. Although GitHub is the standard software repository, not all applications or scripts hosted there are legitimate. So be careful when downloading files from this service.

How To Stay Safe?

Here are five simple tips to help you stay safe from malicious ads:

  1. Use an Ad Blocker: Install an ad blocker on your web browser, for example uBlock . This tool helps prevent ads from appearing on the websites you visit, reducing the risk of encountering malicious ones.

  2. Avoid Clicking on Suspicious Ads: Be cautious about clicking on ads, especially those that seem too good to be true or appear on less reputable websites. If an ad looks suspicious, it's best to avoid it.

  3. Use Reputable Security Software: Install and update antivirus and anti-malware software. These programs can detect and block malicious ads and other threats, keeping your device safe.

We Can Help Protect You!

Our mobile app Redamp.io includes a Safe Surfing  feature that effectively handles protection against the latest threats such as phishing or malware.

Redamp.io | Mandrake Android Spyware | Rogue USB Drive