Google promotes Google Authenticator fake that installs malware

Google is once again in an embarrassing situation that puts users at risk: ads distributed via its own advertising platform lead to a fake Google Authenticator page, which in turn leads to malware.

Fake Google Authenticator: Malware via search

For many years, Google has been struggling with malicious advertising campaigns, also known as malvertising. The embarrassing problem: cybercriminals manage to use the company’s advertising platform to spread ads that lead to fake websites. They pay so that these fake ads for well-known services appear in the search results ahead of the first reputable entries. It is even more embarrassing when these fake ads are used to promote Google’s own security products. This has now happened once again with a brazen advertising campaign around Google Authenticator. As Malwarebytes reported, the people behind it are able to display “google.com” as the click URL, which of course gives the ad an official appearance and should not be possible for ads created by third parties.

The gaps extend even deeper into Google’s advertising system and have been denounced for years. The advertiser behind the current fake ad campaign is marked as “verified by Google”, so according to the company it has a “verified status”. Users who fall for the ad are then tricked into installing the data-stealing malware “DeerStealer”.

Malicious ads remain

In response to an inquiry from BleepingComputer, Google states only that the threat actors are using brute force methods to circumvent the automated detection systems. They create thousands of accounts at the same time and rely on a few to evade countermeasures.

Last year, 3.4 billion malicious ads were removed, over 5.7 billion ads were restricted, and over 5.6 million accounts were blocked. The fake authenticator page was also removed after receiving tips. However, all of these measures are not enough to prevent cybercriminals from repeatedly fishing for victims in Google searches, using Google’s own products and an appearance of legitimacy.