A new attack campaign that spreads malware through Google search results has been discovered by security experts from Palo Alto Networks.
Table of Contents
Hackers have been impersonating GlobalProtect VPN software, placing ads on Google Search to lure users to malicious websites, according to a report by Palo Alto Networks' Unit 42 cybersecurity department.
When users visit this website, they are tricked into downloading a malware downloader called WikiLoader, disguised as GlobalProtect software. WikiLoader then downloads other malicious code, which steals information and allows hackers to control the device remotely.
According to researchers, hackers' attack tactics have changed to expand the range of potential victims, from traditional phishing attacks to SEO (Search Engine Optimization).
WikiLoader has been active since late 2022. To bypass security measures, hackers have been constantly updating the malware.
Experts advise users to be cautious when downloading software from the Internet, especially from Google search results. Always double-check the source and authenticity of the website before downloading any files.
The Department of Information Security - Ministry of Information and Communications warns users to be wary of scams that lure victims into downloading software containing malicious code through advertisements that encourage users to download the Google Authenticator application to increase security for personal devices in cyberspace.
Specifically, the scammers created websites with fake domain names, inserting sponsored ads so that when people look up information, the search results appear at the top of the page. To make users subjective and easily fall into the trap, these websites also contain fake Google certificates.
If users click on the above ads, they will be redirected to a fake Google website with the link "chromeweb-authenticators.com". When users click, the fake application will be automatically downloaded from the open source code hosting service Github, then attack the victim's devices, stealing important information and data.
The Department of Information Security - Ministry of Information and Communications recommends that people be vigilant when looking up and downloading security applications. You should only download applications from the Play Store (CH Play) system for Android operating systems and the App Store for iOS operating systems. Absolutely do not download applications from unknown sources or unofficial websites.
Security researchers have recently discovered a new malware called 'Mamont', which can impersonate Google Chrome to trick people into stealing information.
Mamont hides itself by impersonating the popular Google Chrome web browser to steal information such as passwords, texts, photos and contacts from users. Experts say the malware currently targets only Russian speakers, but the threat actors behind 'Mamont' will quickly expand their targets.
Online fraud tactics using the 'Mamont' malware are becoming increasingly sophisticated. Fraudsters often use rented or purchased bank accounts to conduct suspicious transactions and launder money. They post information on forums and social networks about renting/buying accounts or approach low-income workers, students... to rent them to open bank accounts for prices ranging from 500,000 to 1 million VND per account.
This malware has the same icon as Chrome, which makes it easy for users to get confused and fall for it.
To avoid becoming a victim of personal information theft and malware, people should be cautious with strange links and not provide sensitive personal information such as citizen identification numbers, credit card numbers, bank account numbers, OTP codes, etc. In addition, users should absolutely not download software of unknown origin and should pay attention to the permissions that the application requires when installing.
Nowadays, malicious links appear more and more and are shared through social networks at a dizzying speed. Just clicking on a malicious link can bring potential dangers to you.
Some crafty scammers have figured out how to trick people into installing malicious apps that steal their banking details, and it all starts with a hand-delivered letter in the post.
A new strain of ransomware called Qilin has been discovered using a relatively sophisticated, highly customizable tactic to steal account login information stored in the Google Chrome browser.
Microsoft has just officially warned users about the existence of a vulnerability that could allow hackers to easily spread malware through the Outlook email application.
A cybersecurity firm has discovered a huge number of Android apps containing malicious code (adware), a discovery that also raises big questions about how Google monitors its online store.
Nowadays, free wifi networks are installed everywhere, from coffee shops, amusement parks, shopping malls, etc. This is very convenient for us users to be able to connect to the network everywhere to surf Facebook and work. However, is using free wifi safe?
Unfortunately, bad actors know this and have created fake CAPTCHAs that will infect your PC with malware.
There is a dangerous trend being deployed by the global hacker community, which is abusing the Google Ads platform to spread malicious code.
Stuxnet is a malicious computer worm that was first discovered in June 2010 after it paralyzed Iran's nuclear facilities. And to this day, Stuxnet is still a terrifying obsession for the global Internet.
Often distributed in a malware-as-a-service model, infostealer malware is often used to steal data, remaining hidden for as long as possible.
Why is new malware being developed to hide from users, and what does that say about the current cybercrime world?
As one of the most popular website building tools in the world, WordPress is once again a target for malware.
Even though Windows 10 will stop being supported after October 14, 2025, many Steam users are still using the operating system.
Keyloggers are extremely dangerous programs that hackers install on any user's system with the aim of stealing passwords, credit card information, etc. Keyloggers store all the keystrokes that users perform on the computer and provide hackers with important user information.
Tired of the frustrating Microsoft Teams "Check Version" error blocking your meetings? Follow our proven, step-by-step fixes to resolve it fast and restore smooth teamwork. Works on latest versions!
Struggling with the wrong Microsoft Teams account on Windows 11? Discover simple, step-by-step instructions to remove and change your Microsoft Teams account effortlessly. Perfect for managing work and personal profiles!
Struggling with Microsoft Teams "Guide" Tutorial Error? Discover simple, step-by-step fixes to resolve it quickly. Clear cache, update, and more for seamless teamwork. Updated for latest versions!
Struggling with Microsoft Teams for Mac sync errors? Follow this ultimate troubleshooting guide with step-by-step fixes to resolve sync issues quickly and get back to seamless collaboration on macOS. Updated with the latest solutions.
Tired of the frustrating Microsoft Teams "Website Error" loading issue? Follow our proven, step-by-step fixes to resolve it fast and restore smooth teamwork. Works on all browsers!
Struggling with Microsoft Teams Remote Control Error? Discover step-by-step troubleshooting for Remote Control issues in Teams. Quick fixes, common causes, and expert tips to get back to seamless collaboration. Updated with the latest solutions.
Struggling with Microsoft Teams "Media Error" Microphone? Get instant fixes for crystal-clear audio. Step-by-step solutions for permissions, drivers, and more – no tech skills needed!
Tired of the frustrating Microsoft Teams "Error" on your desktop shortcut? Discover proven, step-by-step solutions to resolve it fast and restore smooth teamwork. No tech skills needed!
Stuck with Microsoft Teams "Error P" password error? Discover quick, effective troubleshooting steps to resolve login issues and get back to seamless collaboration in minutes. Updated with the latest fixes.
Frustrated with Microsoft Teams "Welcome" screen stuck on Error 2026? Discover proven, step-by-step fixes to resolve it fast and get back to seamless collaboration. Updated with the latest tips!
Struggling with Microsoft Teams "Action Required" login error? Discover step-by-step troubleshooting fixes, clear cache methods, and quick solutions to get back to seamless collaboration. Updated with the latest tips for instant relief.
Facing Microsoft Teams Webinar Registration Error? Follow our proven, step-by-step guide to fix it quickly and get back to seamless webinar registrations. Latest troubleshooting tips included!
Tired of Microsoft Teams "Joining Error: Meeting Full"? Get proven, step-by-step solutions to bypass the error and join instantly. Latest fixes for seamless meetings!
Tired of the frustrating Microsoft Teams recording error: Permission Required? Follow our expert, step-by-step guide to regain recording access instantly with the latest Teams policies and fixes. No tech skills needed!
Tired of Microsoft Teams Error Report Not Sending? Discover quick, effective troubleshooting steps to resolve it fast and get back to seamless collaboration. Expert tips included!
