- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
Wait, are system admins the types to click on ads? I thought one of the most important rules of the internet was “never click on ads.” Seems like the wrong place to go phishing.
System admins are just people
Devil’s advocate: it would be worth the risk of wasted time to an attacker when the payoff is potentially gaining admin access to one or two high-value systems.
“My boss says I need something called ‘Wind Skip.’ I don’t know what it’s for; I have a PDF here with instructions. He says we can just download it and run it, but I couldn’t find it. Can you install it for me?”
Search engine advertisements have become a massive problem over the past couple of years, with numerous threat actors utilizing them to push malware and phishing sites.
It’s a good thing that Google is fighting so hard to block the use of adblockers, since the shareholders’ profits are so much more important than the safety of everyone else.
I’m feeling more & more glad I finally switched to Linux.
Another benefit to using Ninite.
Scoop for me. 1 more layer of audit, 1 additional layer of trust. There are occasional hiccups but they haven’t broken my trust yet.