Google Ads Deliver Malware to Popular Text Editors

October 19, 2023 at 04:50 AM

•

1 min read

Google Ads Deliver Malware to Popular Text Editors — Photo: Ars Technica

TL;DR Summary

Google has been hosting a malicious ad that appears to be a legitimate pitch for the password manager Keepass. The ad leads users to a website with an almost identical URL to the genuine Keepass site, creating a convincing deception. The imposter site uses punycode encoding to appear genuine, making it difficult to detect. The ads have been running since Saturday and were paid for by an advertiser verified by Google. There is no foolproof way to detect these malicious ads or encoded URLs, but users can manually type the URL or inspect the TLS certificate for verification.

Topics:top-news #cybersecurity #fake-websites #google #keepass #malvertising #punycode

Share this article

Google-hosted malvertising leads to fake Keepass site that looks genuine Ars Technica
One of the most popular text editors around has been infected with malicious ads TechRadar
Malicious Notepad++ Google ads evade detection for months BleepingComputer
Hackers Deliver Weaponized Notepad++ Via Google Ads GBHackers

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

82%

542 → 98 words

Want the full story? Read the original article

Read on Ars Technica

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights