Scammers threaten users with fake Google Ads

Cybercriminals always search for the most effective ways to launch new cyber threats and attacks or snatch precious data. This time, they use fake ads to redirect unsuspecting users to phishing sites and distribute ransomware, spyware, and malware infections.

Hackers must use their wits and cunning to develop new strategies to launch malicious attacks on unsuspecting internet users. This latest strategy is the most dangerous information-stealing tactic yet.

Malware spreading via Google Ads

Cybercriminals have found a way to harness the power of Google Ads to entice their victims to follow their links to data-snatching malicious software called the Rhadamanthys malware. A recent report indicates that this new malware strain has been running rampant all over the internet.

It sneakily redirects users to various phishing landing destinations. However, that’s not the end of it. In addition to phishing attacks, this intelligent malware uses spam emails to spread the infection via malicious PDF files that notify victims about unpaid financial statements.

The malware works in two ways: it uses fake Google Ads to entice internet users to download malicious software while targeting businesses with spam emails.

Using Google to distribute malware

When internet users turn to the Google search engine, Google Ads is the first thing they see in the search results. These ads typically appear above the organic search results.

The way the search engine displays ads gives hackers an advantage in distributing malware through ad campaigns, because they know many internet users will choose one of the first three results after running a search query.

They also created various phishing websites that mimic top-rated software solutions such as Bluestacks and Zoom to target as many internet users as possible and get them to download malware without being aware of the infection.

Unsuspecting internet users think they’ve downloaded a helpful tool while being redirected to a software’s official landing page. However, the malware transfers them to one of the phishing web pages while stealing their data along the way.

These phishing websites are so true to the originals that they even use the fonts and logos of popular brands to convince the user that they’re genuine. Even the installer files look legit. However, instead of installing a popular software tool, you get a malware infection wreaking havoc on your systems.

The malware targets all sorts of data

Rhadamanthys is a data-stealer by design, meaning it captures as much data from the target audience as possible. Once it gathers enough information, it transfers it to a hacker-controlled command and control (C&C) server.

The malware can gather any type of data:

  • Windows system information from desktop computers, such as CPU and RAM data, OS version, username, computer name, etc.
  • Browser-related information like browsing history, login credentials, auto-fills, cookies, bookmarks, and other browser-related files on top browsers like Brave, Chrome, Firefox, and Microsoft Edge.
  • Crypto wallet credentials and browser extensions.
  • Email and FTP clients.
  • Messaging apps.
  • Any program running on the target’s operating system.

Cybercriminals could easily access any files stored in a browser using the malware to accomplish their malicious goals. For example, most internet users store their account credentials and passwords in a browser and use them to access their social media or bank accounts.

The malware could steal those files and allow hackers to perform any action on the targeted victim. The Rhadamanthys malware can steal crypto credentials, emails, passwords, and any other information available, with no exception.

From messaging apps like Telegram and password managers to crypto wallets and email clients, no internet user is safe.

As if that’s not enough, Rhadamanthys can also execute identity theft and snatch any type of personal or corporate data without precedence.

Protect yourself from online threats

The best advice we can give you is to check every link before clicking and avoid downloading shady software if possible. No matter how tech-savvy you are or what type of cybersecurity you’re using, cybercriminals will always find a way around your measures.

Keep that in mind every time you’re about to click on an online ad, as it might be a trick to lure you into a malware scam and steal your data. You can also prefer organic search results, which are far more difficult to infiltrate.

Install a high-end antivirus program on all your systems, use anti-malware protection, and avoid using public Wi-Fi connections. If you must use public Wi-Fi, download VPN apps and connect to secure servers. This ensures that all your online activities happen via secure hotspots. Furthermore, a Virtual Private Network might have private DNS, making you more immune to redirects.

Mac users should install the latest Mac cybersecurity solutions to ensure maximum security levels. Apple users will also succumb to the Rhadamanthys malware-as-a-service, as hackers will stop at nothing to get their money’s worth.

Now, this innovative data-stealer is among the most dangerous cyber threats the digital world has ever seen.
