Experts from BleepingComputer are warning of threat actors that are using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs. Bad actors publish posts with titles containing popular keywords to allow Google Search to index the content.
Google Alerts is a content change detection and notification service, it sends emails to the user when it finds new results (i.e. web pages, newspaper articles, blogs, or scientific research) that match the user’s search term(s).
Upon indexing the content, Google Alerts will alert people who are searching those specific terms.
Clicking on the links sent by Google Alerts related to the matches in the fake stories, users are redirected to malicious sites under the control of the threat actors the threat actor’s malicious site.
However, experts pointed out that visiting the URL of the fake stories directly, the website will state that the page does not exist.
Bleeping computer experts observed multiple campaigns abusing the Google notification service.
“This weekend, BleepingComputer observed the fake news stories redirecting to a new campaign that states your Flash Player is outdated and then prompts you to install an updater.” states BleepingComputer.
Once Clicked the ‘Update’ button, the victim will download a setup.msi file that installs a potentially unwanted program called ‘One Updater.’
Even if “One Updater” is not a malware, we cannot exclude that this technique could be used by threat actors to deliver and execute malicious payloads in future attacks.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Google Alerts)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.