216.73.217.139

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

· Published 20/01/2025 11:08 · Modified 20/01/2025 11:13

Export JSON

Essential information

Published
20/01/2025 11:08
Modified
20/01/2025 11:13
Tags
2025-01-20 advertising fraud malvertising phishing
Related entities
29 observables, 11 techniques (mitre), 8 others

Description

Cybercriminals are targeting Google Ads advertisers through campaigns, impersonating Google Ads via fraudulent ads. The scheme involves stealing advertiser accounts by redirecting victims to fake login pages, with the goal of reselling these accounts on blackhat forums. The operation uses compromised accounts to perpetuate the campaign, affecting thousands of Google customers worldwide. Victims include individuals and businesses looking to advertise on Google Search. The attacks involve sophisticated techniques, including the use of Google Sites for impersonation and kits to collect user data. Two main groups have been identified: one based in Brazil and another in Asia, possibly China. The stolen accounts are valuable for further campaigns, scams, and malware distribution.

External references