International Finance

Bumblebee malware targets new victims through Google Ads

IFM_Google Ads

A new malware strain that poses as Google Ads has been identified by cybersecurity company Secureworks, and the company said it is spreading swiftly.

The malicious software, known as Bumblebee, was first identified over a year ago and would normally spread through phishing assaults, but Secureworks has warned that the person responsible is now getting more inventive and hopping on a new trend.

In the most current State of the Threat Report from Securework, published in 2022, it was noted that there had been a rise in attacks including trojanized software that was being disseminated through Google Ads or SEO poisoning. Bumblebee is just one of several programmes trying this more common technique, the report said.

Bumblebee Malware Via Google Ads

The malware’s reach extends far beyond the search engine. Their examples have been discovered in numerous well-known corporate applications, including Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. The malware is subsequently installed by victims when they download what they believe to be legitimate software from the fraudulent download pages.

According to the company’s Director of Intelligence, Mike McLellan, up to 1% of web advertisements include malicious information. McLellan described the typical scenario during which a victim is attacked: Rather than downloading software through a company’s IT team, many remote workers are taking control and going online themselves, unaware of the potential risks.

The report details the download of a legitimate Cisco AnyConnect VPN installer “which had been modified to contain the Bumblebee malware.”

According to McLellan, the latest findings only serve to highlight how crucial it is for businesses to have stringent procedures in place for limiting access to web adverts and controlling rights on software downloads.

In addition, employees are encouraged to direct their own way to the real website rather than following a stream of links or adverts, or to completely remove themselves from the process and request that their company’s IT team take control.

What's New

Business Leader of the Week: Challenges await Akio Toyoda as he gets re-elected as Toyota boss

IFM Correspondent

Saudi wealth fund PIF set to issue sterling-denominated bonds

IFM Correspondent

IF Insights: EU talks tough at China on trade front, but at what cost?

IFM Correspondent

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.