![]() The decoy site (trabingviewscom) looks quite authentic and shows three download buttons: one each for Windows, Mac and Linux. When the user clicks on the ad they are redirected to a phishing page hosted at trabingviewscom: ![]() This is likely a compromised ad account that is being used by the threat actors. Google's Ads Transparency Center page shows this advertiser account belongs to someone from Belarus. ![]() The ad below for TradingView uses special font characters ( tradıņgsvıewscom is embedded with unicode characters: trad\u0131\u0146gsv\u0131ewscom) perhaps as an attempt to appear like the real domain and evade detection from Google's ad quality checks: Threat actors are buying ads matching well-known brands and tricking victims into visiting their site as if it were the official page. Users looking to download a new program will naturally turn to Google and run a search. In this blog post, we will provide details on one campaign targeting TradingView, a popular platform and app to track financial markets. The developer has been actively working on the project, releasing a new version at the end of June.Ĭriminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in. However, we recently captured a campaign that was pushing both Windows and Mac malware, the latter being an updated version of the new but popular Atomic Stealer (AMOS) for Mac.ĪMOS was first advertised in April 2023 as a stealer for Mac OS with a strong focus on crypto assets, capable of harvesting passwords from browsers and Apple's keychain, as well as featuring a file grabber. That's not surprising considering that Microsoft holds the largest market share for both desktop and laptop computers. The majority of the malvertising campaigns we have tracked for the past few months have targeted Windows users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |