CyberSecurityBoard
Sponsor Register Login

Google Ads for fake Homebrew, LogMeIn sites push info-stealers

Cybercriminals are exploiting Google Ads to promote fake websites impersonating popular remote access tools like Homebrew and LogMeIn. These fraudulent sites are designed to distribute info-stealing malware, targeting users who seek legitimate software downloads. The attackers leverage the trust associated with these well-known platforms to trick victims into downloading malicious payloads that harvest sensitive information such as credentials and personal data. This campaign highlights the increasing sophistication of threat actors in using advertising platforms to spread malware and the importance of vigilance when downloading software online. Users are advised to verify URLs carefully and rely on official sources to avoid falling victim to such scams. Security professionals should monitor these tactics as they evolve and educate users on safe browsing practices to mitigate risks posed by deceptive ads and fake websites.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 18 Oct 2025 15:05:12 +0000


Cyber News related to Google Ads for fake Homebrew, LogMeIn sites push info-stealers

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
1 year ago Feeds.dzone.com
Google Ads for fake Homebrew, LogMeIn sites push info-stealers - Cybercriminals are exploiting Google Ads to promote fake websites impersonating popular remote access tools like Homebrew and LogMeIn. These fraudulent sites are designed to distribute info-stealing malware, targeting users who seek legitimate ...
4 months ago Bleepingcomputer.com
Fake KeePass site uses Google Ads and Punycode to push malware - A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. Google has been battling with ongoing malvertising campaigns that allow ...
2 years ago Bleepingcomputer.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
2 years ago Cisa.gov
Hackers Attacking macOS Users with Spoofed Homebrew Websites - Cybercriminals have escalated their attacks on macOS users by deploying spoofed Homebrew websites to distribute malicious software. Homebrew, a popular package manager for macOS, is widely trusted by developers and users for installing software. ...
4 months ago Cybersecuritynews.com
Google Ads Invite Being Abused to Push Spam & Adult Sites - Google Ads has become another way for malicious actors to spread spam and adult sites. Recent reports have highlighted that fraudsters are abusing Google Ads invites to push their malicious content. Google Ads is Google's advertising platform, and ...
3 years ago Bleepingcomputer.com
Fake Semrush ads used to steal SEO professionals’ Google accounts - Because Semrush integrates with Google Analytics and Google Search Console, customers often link valuable Google accounts containing sensitive business data—like revenue metrics, marketing strategies, and customer behavior, all attractive ...
11 months ago Bleepingcomputer.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
2 years ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
2 years ago Bleepingcomputer.com
Crypto drainer steals $59 million from 63k people in Twitter ad push - Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain threat analysts at ScamSniffer, they ...
2 years ago Bleepingcomputer.com
Safeguarding Your Data: Strategies to Protect Against Information Stealers - In today's digital age, the security of personal and sensitive information is of utmost importance. Cyber Threats, such as information stealers, pose a significant risk to individuals and businesses alike. Information stealers are malicious software ...
2 years ago Cybersecurity-insiders.com
Pakistani Firm Shipped Fentanyl Analogs, Scams to US – Krebs on Security - California resident Walter Horsting discovered something similar when he sued 360 Digital Marketing in small claims court last year, after hiring a company called Vox Ghostwriting to help write, edit and promote a spy novel he’d been working ...
10 months ago Krebsonsecurity.com
Google Cloud Next 2024: New Data Center Chip Joins Ecosystem - Google Cloud announced a new enterprise subscription for Chrome and a bevy of generative AI add-ons for Google Workspace during the Cloud Next '24 conference, held in Las Vegas from April 9 - 11. Overall, Google Cloud is putting its Gemini generative ...
1 year ago Techrepublic.com
X users fed up with constant stream of malicious crypto ads - Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user's activity, ...
2 years ago Bleepingcomputer.com
Scammers Unleash Flood of Slick Online Gaming Sites – Krebs on Security - The financial part of this scam begins when users try to cash out any “winnings.” At that point, the gaming site will reject the request and prompt the user to make a “verification deposit” of cryptocurrency — typically ...
7 months ago Krebsonsecurity.com
Fake IT support sites push malicious PowerShell scripts as Windows fixes - First discovered by eSentire's Threat Response Unit, the fake support sites are promoted through YouTube channels that have been compromised and hijacked to add legitimacy to the content creator. In particular, the threat actors are creating fake ...
1 year ago Bleepingcomputer.com
Fake browser updates spread updated WarmCookie malware - The latest campaign was discovered by researchers at Gen Threat Labs, who observed the WarmCookie backdoor being distributed as fake Google Chrome, Mozilla Firefox, Microsoft Edge, and Java updates. FakeUpdate is a cyberattack strategy used by a ...
1 year ago Bleepingcomputer.com
CVE-2024-44972 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Microsoft again bothers Chrome users with Bing popup ads in Windows - Microsoft is once again harassing Google Chrome users on Windows 10 and Windows 11 with popup desktop advertisements promoting Bing and its GPT-4 Bing Chat platform. Due to the quality of the pixelated ads, some who received them were concerned that ...
1 year ago Bleepingcomputer.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
2 years ago Bleepingcomputer.com
Google and Apple Admit Government Spies On Users Via Push Notifications - Government authorities have been snooping on smartphone users via push notifications sent out by applications, wrote a US senator in a letter to the Department of Justice on December 6. Senator Ron Wyden of Oregon has requested that the Department of ...
2 years ago Cysecurity.news
Malware abuses Google OAuth endpoint to 'revive' cookies, hijack accounts - Session cookies are a special type of browser cookie that contains authentication information, allowing a person to automatically log in to websites and services without entering their credentials. These types of cookies are meant to have a limited ...
2 years ago Bleepingcomputer.com
Fake Corsair job offers on LinkedIn push DarkGate malware - A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine. Cybersecurity company WithSecure ...
2 years ago Bleepingcomputer.com
Police Can Spy on Your iOS and Android Push Notifications - While Wyden's letter says that governments outside the US have requested people's push notification records, the Federal Bureau of Investigation has done so as well. A February 2021 search warrant application submitted by an FBI agent to the US ...
2 years ago Wired.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)