Malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace.
One campaign utilized a Google ad promoting - for example - a fake Cisco AnyConnect Secure Mobility Client download – hosted on a domain “appciscoi.]com”.
This site delivered a trojanized MSI installer. It installs the desired original application but installs different malware additionally.
It amazes me how they find ways even via ads to send out malware. Thanks for sharing this and hopefully AV vendors are on top of it.
Just further proof that Ads ARE Malware 
One of a myriad of reasons to blocks ads, especially on corporate networks.
Even Search Engine Ads end up becoming poisoned when searching for generic software installs.
Just further proof that Ads ARE Malware
Yeah, it used to be in jest, but it really is true now.
One of a myriad of reasons to blocks ads, especially on corporate networks.
Even Search Engine Ads end up becoming poisoned when searching for generic software installs.
That’s the reason why I block ads at multiple places and don't like to make any exceptions. Malicious adds can always appear so the risk it just too high to allow them getting displayed.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.