Before your next Google search, beware of these spam ads distributing malware


A preferred method for cybercriminals to deliver malware is through phishing emails and spam messages. It has generally yielded enough victims for them to use those tactics continually. But criminals are also exploring different ways of beating antivirus systems.

We know that cybercriminals aren’t content with using the same techniques. They are always exploring other ways in which they can infect computers and steal personal data.

A recently discovered malware is a good example of that, like the scary new malware that live-streams your screen. It doesn’t arrive in your email inbox or as a link in a text message. It aims at one of the most basic things we do online: Google search.

Here’s the backstory

Security researchers at Bitdefender have identified a new form of malware. The team was actually investigating a different incident when they came across the new family of malicious processes. Their investigation determined that it infiltrates Microsoft’s Windows Defender.

The team named it MosaicLoader since the internal workings of the malware are a patchwork of code specifically designed to subvert detection, analysis and reverse engineering. MosaicLoader is interesting because it is spread through paid advertising that shows up in results when you search online.

“Once planted on the system, the malware creates a complex chain of processes and tries to download a variety of threats, from simple cookie stealers, crypto-currency miners to fully-fledged backdoors such as Glupteba,” Bitdefender explained in a blog post.

The malware seems to have the sole purpose of targeting those looking for cracked or pirated software. But that doesn’t mean that you are safe if you aren’t searching for it. Criminals cast their nets far and wide, and the more victims they can catch, the better.

What you can do about MosaicLoader malware

The malicious code is tied to paid advertising links in search results for cracked software, and there is no way of telling which ads are infected. Once you click on the ad to download the illegal software, the malware mimics the file information from real software. Bitdefender explained that the only thing downloaded is MosaicLoader, which gives criminals access to your computer.

Once cybercriminals have access to your machine, they attempt to steal usernames and passwords for a variety of online services. There is also speculation that they try to use compromised machines for crypto mining operations.

Even if you are not downloading illegal or cracked software, you must make sure that you update your computer, antivirus and browsers to the latest versions. If you are looking for a great antivirus that can protect you and your family online, we recommend our sponsor, TotalAV.

It protects you from every virus the internet has to offer, including ransomware and spyware. It’s also compatible with most devices on the market, including Windows, Mac, iPhone and Android. Right now, you can get complete protection for a whole year at ProtectWithKim.com for just $19.
