Lemmy Today

1,493 readers
74 users here now

Welcome to lemmy.today!

About us

🤗 Thanks for joining our little instance here, located in Oregon. The idea is to have a fast, stable instance and allow users to subscribe to whatever content they want from here.

😎 We dont block any other instances. We will keep it that way unless it becomes a moderation problem.

🤠 We will be around for a very long time, so you dont have to worry about us shutting down the instance anytime soon. We like performance and stability in our servers, and will upgrade the instance when its needed.

🥹 Make sure to join a lot of remote communities to get a good feed going. How to do that is explained here.

Lemmy mobile apps

You should start using one of these ASAP since the web browser user interface is quite ugly, even with themes.

Sync for Lemmy (Android)
Boost for Lemmy (Android)
Eternity (Android)
Liftoff (Android and IOS)
Voyager (IOS)
Voyager WebApp
Jerboa (Android)
Connect (Android)
Thunder (Android and IOS)
Mlem (IOS)
Memmy (IOS)

Optional Lemmy web browser user interfaces

Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming, or creating communities to promote blogs or services.
No local pornography communities (but you are free to subscribe to them on other instances if you wish).
No local communities about software related to porn.
No local religious communities (use remote ones)

Contact the admin

@mrmanager

founded 1 year ago

ADMINS

mrmanager

Buelldozer

209

Google ads push fake Google Authenticator site installing malware | The ad displays "google.com" and "https://www.google.com" as the click URL, and the advertiser's identity is verified by Google (www.bleepingcomputer.com)

submitted 1 month ago by ForgottenFlux@lemmy.world to c/privacyguides@lemmy.one

22 comments fedilink

Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.

In a new malvertising campaign found by Malwarebytes, threat actors created ads that display an advertisement for Google Authenticator when users search for the software in Google search.

What makes the ad more convincing is that it shows 'google.com' and "https://www.google.com" as the click URL, which clearly should not be allowed when a third party creates the advertisement.

We have seen this very effective URL cloaking strategy in past malvertising campaigns, including for KeePass, Arc browser, YouTube, and Amazon. Still, Google continues to fail to detect when these imposter ads are created.

Malwarebytes noted that the advertiser's identity is verified by Google, showing another weakness in the ad platform that threat actors abuse.

When the download is executed, it will launch the DeerStealer information-stealing malware, which steals credentials, cookies, and other information stored in your web browser.

Users looking to download software are recommended to avoid clicking on promoted results on Google Search, use an ad blocker, or bookmark the URLs of software projects they typically use.

Before downloading a file, ensure that the URL you're on corresponds to the project's official domain. Also, always scan downloaded files with an up-to-date AV tool before executing.

477

submitted 1 month ago by ForgottenFlux@lemmy.world to c/technology@lemmy.world

27 comments fedilink