Summary: Multiple threat actors are impersonating Google Ads login pages to deceive advertisers into revealing their credentials. This sophisticated malvertising campaign has led to the hijacking of accounts, which are then used to distribute malicious advertisements and malware. Researchers have labeled this operation as one of the most egregious malvertising campaigns ever tracked, affecting thousands of customers globally.
Threat Actor: Unknown | malvertising
Victim: Advertisers | advertisers
Keypoints :
- Threat actors use fake Google Ads to trick users into providing account credentials.
- The malicious ads are hosted on Google Sites, making them appear legitimate.
- Google is actively investigating and has removed billions of ads while facing challenges in stopping the impersonation schemes.