Beware of Google Ads danger! Bumblebee malware targeting victims
Bumblebee malware is targeting people via Google ads. Check how you can stay safe.
The most prominent thing you will notice while using a web browser or any application are Google Ads. Now, cybercriminals are using malicious Google Ads or SEO poisoning to spread malware which can lead to financial losses for common users. According to a recent blog post by Secureworks, Counter Threat Unit (CTU) researchers have observed a malware called Bumblebee, which is being distributed via Trojanized installers for popular softwares like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace.
Bumblebee malware is a modular loader, historically distributed primarily through phishing, that has been used to deliver payloads commonly associated with ransomware deployments. Trojanizing installers for software that is particularly topical (e.g., ChatGPT) or software commonly used by remote workers increases the likelihood of new infections, the log post informed.
"One of the Bumblebee samples CTU researchers analyzed was downloaded from http: //appcisco.com/vpncleint/cisco-anyconnect-4_9_0195.msi. On or around February 16, 2023, a threat actor created a fake download page for Cisco AnyConnect Secure Mobility Client v4.x on the appcisco . com domain. An infection chain that began with a malicious Google Ad sent the user to this fake download page via a compromised WordPress site," the post read.
When a user falls victim to Bumblebee malware, the threat actor then gets access to their device's system making all of the victim's crucial details including banking details and confidential photos and files – vulnerable.
In order to avoid such situations and stay safe, people are advised to make sure they enter websites via legitimate sources and make sure that they do not click on random links or ads. Also, you can install antivirus and defender softwares in your systems to keep them protected.
"To mitigate this and similar threats, organizations should ensure that software installers and updates are only downloaded from known and trusted websites. Users should not have privileges to install software and run scripts on their computers. Tools such as AppLocker can prevent malware from being executed even if it is inadvertently downloaded," Secureworks said in the blog post.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.