By Julio Rivera
In 2023, most internet users already realize that the online world can be a dangerous place if they fail to take proper precautions, as it is a hotbed of potential scams, identity theft, and other malicious activities.
With innovative cybercriminals constantly developing new ways to steal people’s personal data and extort large ransoms by exploiting vulnerabilities in computer networks, your next click can open a trapdoor loaded with potential headaches.
Many of these attacks can be avoided by simply steering clear of questionable websites, like the plethora of freeware sites that promote illegitimate or cracked versions of popular software, often packaged in bundles with other apps or software that may be loaded with malware. Following other common-sense precautions like not opening email attachments from unknown senders can also offer a measure of protection.
But even when so-called “best practices” are followed online, many cybercrimes occur without the user being immediately aware, because nowadays, even seemingly innocent online activity can lead to significant risks. And perhaps no other current threat has the ability to rope in unsuspecting users more easily than “malvertising.”
What is Traditional Malvertising?
Malvertising is a method of cyberattack which abuses online advertising platforms to steal sensitive user data and spread malicious content, including malware and ransomware. It takes advantage of popular advertising networks to gain access to unsuspecting users’ systems or networks, allowing attackers to steal data or infect devices with damaging viruses and other code.
Malvertising campaigns typically infiltrate advertisements for popular products, services, or websites, and despite the fact that the ads may look perfectly normal, they contain hidden code which will either redirect users to malicious websites that can then execute their attack, or install malware on devices.
Malvertising campaigns are notorious for sometimes using vulnerable technologies such as JavaScript and Flash Player to deliver malicious payloads instead of simply redirecting users away from legitimate sites. Regardless of how it is accomplished, the end result is the same: a user’s device or network has been compromised.
Traditionally, in order to protect against this type of attack, internet users need only stay alert while browsing the web and be careful when downloading new programs that are part of software bundles, which may contain browser extensions.
But what happens when you innocently go to one of the more reputable and universally trafficked search engines in the world, Google, only to find yourself victimized, not by hacks executed via infiltrated advertisements, but by ads that were actually approved and then promoted by the Google Ads platform?
How Are Hackers Using the Google Ads Platform to Steal Data and Spread Malware?
A recent wave of cyberattacks that has been manipulating the Google Ads platform to victimize individuals and entities in both the private and public sectors seems to be more of an indictment of the lax policies of the tech giant than any new breakthrough in the online underworld.
According to reports, hackers have been able to dupe Google into running ads for notable everyday products and services, including Adobe Reader, Microsoft Teams, OBS, Slack, and Thunderbird. The fake ads lead users to be victimized by malware gangs that include AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.
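A defensive check for the pattern described above, added here as an example and not part of the original column: given web-proxy records of sponsored-result clicks, it flags searches for the named products that landed outside the vendor's own domains. The record layout, the allowlist contents, and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist of vendor domains for the products the article names.
OFFICIAL = {
    "adobe reader": {"adobe.com"},
    "microsoft teams": {"microsoft.com"},
    "obs": {"obsproject.com"},
    "slack": {"slack.com"},
    "thunderbird": {"thunderbird.net", "mozilla.org"},
}

def host_is_official(host, domains):
    """True only for an exact match or a real subdomain of an allowlisted
    domain, so 'slack.com.something.example' does not pass as slack.com."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def flag_ad_click(query, landing_url):
    """Return the brand being imitated when a search for a known product
    landed on a host outside that vendor's domains, otherwise None."""
    host = urlsplit(landing_url).hostname or ""
    for brand, domains in OFFICIAL.items():
        # Whole-word match so that 'jobs' is not mistaken for 'obs'.
        if re.search(r"\b" + re.escape(brand) + r"\b", query.lower()):
            if not host_is_official(host, domains):
                return brand
    return None

# Constructed sample records: (search query, final landing URL after the ad click).
SAMPLE_CLICKS = [
    ("download slack", "https://slack.com/downloads/windows"),
    ("obs studio download", "https://obsproject.com.download-app.example/setup"),
    ("microsoft teams install", "https://teams-microsoft.example/get"),
    ("adobe reader free", "https://get.adobe.com/reader/"),
    ("find jobs near me", "https://jobs.example/"),
]

def suspicious_clicks(clicks):
    """Return (query, url, brand) for every click that should be reviewed."""
    hits = ((q, u, flag_ad_click(q, u)) for q, u in clicks)
    return [h for h in hits if h[2] is not None]

if __name__ == "__main__":
    for query, url, brand in suspicious_clicks(SAMPLE_CLICKS):
        print(f"review: '{query}' -> {url} (imitates {brand})")
```
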
According to a statement from Google on the matter, “Bad actors often employ sophisticated measures to conceal their identities and evade our policies and enforcement. To combat this over the past few years, we’ve launched new certification policies, ramped up advertiser verification, and increased our capacity to detect and prevent coordinated scams. We are aware of the recent uptick in fraudulent ad activity. Addressing it is a critical priority and we are working to resolve these incidents as quickly as possible.”
The lack of due diligence on the part of Google is startling, especially when considering that in 2022, Google’s ad revenue amounted to a whopping $224.47 billion. Additionally, their unwitting participation in these online schemes potentially opens the organization up to liability from victims, as the organization may be considered to be technically operating as an accessory to cybercrime.
Regardless of whether this matter gets the appropriate amount of news coverage, Google should immediately prioritize identifying the cracks in their business model that have allowed for such brazen online criminality. They certainly turn a large enough profit to be able to afford to create an extra layer of consumer protection via increased manpower and an improved advertiser vetting process.
The various internet advertising mechanisms that currently exist are dangerous enough. They already include the annoyances associated with adware programs like the ‘Pdf download tool’ that bombards users with sponsored ads, and browser hijackers and extensions like Infinity Search that quite literally take over your online search attempts. But if Google, which is universally regarded as the gold standard among search engines, ceases to be a safe haven for web browsers, where will novice web surfers be able to turn in order to conduct safe searches on the internet?
Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.