A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.

  • Telorand@reddthat.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Wait, are system admins the types to click on ads? I thought one of the most important rules of the internet was “never click on ads.” Seems like the wrong place to go phishing.

    • Fuck spez@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Devil’s advocate: it would be worth the risk of wasted time to an attacker when the payoff is potentially gaining admin access to one or two high-value systems.

    • General_Shenanigans@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      “My boss says I need something called ‘Wind Skip.’ I don’t know what it’s for; I have a PDF here with instructions. He says we can just download it and run it, but I couldn’t find it. Can you install it for me?”

    • loki@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Scoop for me. 1 more layer of audit, 1 additional layer of trust. There are occasional hiccups but they haven’t broken my trust yet.

  • 𝕸𝖔𝖘𝖘@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Search engine advertisements have become a massive problem over the past couple of years, with numerous threat actors utilizing them to push malware and phishing sites.

    It’s a good thing that Google is fighting so hard to block the use of adblockers, since the shareholders’ profits are so much more important than the safety of everyone else.