“The Benefits of Refraining from Google for Software Downloads: A Guide to Finding Alternatives”
PPE: For many, Google is the easiest way to find specific software, but malicious actors have made this dangerous in recent months. If you click one of the top Google results (usually an ad, not a top result) after searching for certain popular programs, the link may lead to an impersonator distributing malware.
Google programs like MSI Afterburner, Bitwarden, Grammarly, Blender, Gimp, Adobe Reader, Microsoft Teams, OBS, Slack, Thunderbird and many others can display recently promoted search results controlled by hackers. Malvertising campaigns impersonating these brands have been subverting Google Ads since at least December.
The best Google search results for software and other products are typically ads that get Google customers to click ads while directing users to relevant sites of interest. However, malicious impersonators have found a way to get targets from search results to their malware while evading detection by Google.
Guardio Labs warns that attackers create harmless advertising pages that appear in Google Ads and redirect users to malicious websites. The deceptive page looks identical to the software’s official download page. The trick is that the redirect happens only when human users click on the ads. Crawlers, bots, Google’s policy enforcement, or anyone else who directly types in the URL displaying the ad sees only the harmless ad page. Thus, the fraudulent sites are invisible to Google.
Also, the malware payloads are often not downloaded directly through the browser. Instead, they could hide in GitHub, Dropbox, or Discord to reduce the chances of antivirus programs catching them. Some of the fake advertising malware appears digitally signed by Microsoft, Acer, DigiCert, Sectigo, or AVG Technologies USA. They use a combination of these and other techniques to avoid detection.
The malware involved in these campaigns includes Formbook, IcedID, MetaStealer, and others. Last month, some users searching for Bitwarden encountered sponsored Google links leading to phishing sites trying to steal their master passwords.
In December, the FBI warned users about Google malvertising, admitting that ad blockers were an effective but controversial solution. If you have to use a search engine to find a software download, avoid clicking on results with the word “Advertisement” next to it.
Until Google Ads responds to the malvertising campaigns, users should find other ways to search for software. TechSpot readers should know that we offer safe downloads for many free programs like those mentioned in this article. Other tech sites do this too. The Wikipedia pages for programs often contain links to their official websites as well.
Source: www.techspot.com
Don’t miss interesting posts on Famousbio
