Google Ads used for Mars Stealer distribution

Threat actors have been distributing the Mars Stealer malware through Google Ads, according to The Hacker News. Initially discovered last June, the Oski Stealer-based Mars Stealer has been continuously developed and spread through social engineering campaigns, cracked software, malspam campaigns, and keygens, wrote Morphisec malware researcher Arnold Osipov. The report detailed that while spam email messages with compressed executables, document payloads, or download links are prevalently leveraged for Mars Stealer distribution, malicious actors have also been using spoofed websites advertising widely used software, pushed through Google Ads. This technique uses targeted advertisements to redirect victims to a malicious site, which then allows deployment of the malware. Mars Stealer can harvest and exfiltrate browser autofill data, browser extension details, and credit card information. Researchers were able to link the campaign to a Russian speaker following the attackers' accidental compromise of their own machine. "Infostealers offer an accessible entry point to criminal activity," wrote Osipov.
