DeepSeek Users Targeted With Fake Sponsored Google Ads that Deliver Malware
Summary:
Cybercriminals are now exploiting sponsored Google ads to target users searching for the popular AI chatbot, DeepSeek. According to security firm Malwarebytes, the attackers are using Google Ads to promote domains that mimic DeepSeek's official site, such as deepseek-ai-soft[.]com and deepseakr[.]com. These counterfeit sites closely resemble the legitimate DeepSeek website, featuring the same logo and a similar layout. If users click the download button, they unknowingly risk infecting their systems with a Trojan written in Microsoft Intermediate Language (MSIL). While Malwarebytes did not specify the exact functionality of the Trojan, it is likely designed to provide remote access to the victim's system, further facilitating the deployment of additional malicious payloads.
Security Officer Comments:
Sponsored ads on Google are paid advertisements that appear on search engine results pages, typically at the top of the page. While these ads are intended to be used by businesses to promote their products or services, cybercriminals have been increasing leveraging them as means to direct unsuspecting users to phishing sites designed to collect sensitive details or distribute malicious payloads. With the growing popularity of AI chatbots like DeepSeek, the latest campaign highlights an opportunistic approach taken by attackers to capitalize on the increasing number of searches conducted by users looking to use these chatbots.
Suggested Corrections:
Google has struggled to prevent fake ads from appearing in its sponsored search results. Given the effectiveness of these fraudulent ads, cybercriminals are willing to pay enough to outrank legitimate brands, successfully directing users to malicious sites. To avoid falling victim to such attacks, users should refrain from clicking on search results labeled as "Sponsored." Additionally, it's important to verify who the advertiser is by clicking the three dots next to the URL in the search result, ensuring the listed advertiser is the legitimate owner of the brand.
Link(s):
https://www.malwarebytes.com/blog/n...ake-sponsored-google-ads-that-deliver-malware
Cybercriminals are now exploiting sponsored Google ads to target users searching for the popular AI chatbot, DeepSeek. According to security firm Malwarebytes, the attackers are using Google Ads to promote domains that mimic DeepSeek's official site, such as deepseek-ai-soft[.]com and deepseakr[.]com. These counterfeit sites closely resemble the legitimate DeepSeek website, featuring the same logo and a similar layout. If users click the download button, they unknowingly risk infecting their systems with a Trojan written in Microsoft Intermediate Language (MSIL). While Malwarebytes did not specify the exact functionality of the Trojan, it is likely designed to provide remote access to the victim's system, further facilitating the deployment of additional malicious payloads.
Security Officer Comments:
Sponsored ads on Google are paid advertisements that appear on search engine results pages, typically at the top of the page. While these ads are intended to be used by businesses to promote their products or services, cybercriminals have been increasing leveraging them as means to direct unsuspecting users to phishing sites designed to collect sensitive details or distribute malicious payloads. With the growing popularity of AI chatbots like DeepSeek, the latest campaign highlights an opportunistic approach taken by attackers to capitalize on the increasing number of searches conducted by users looking to use these chatbots.
Suggested Corrections:
Google has struggled to prevent fake ads from appearing in its sponsored search results. Given the effectiveness of these fraudulent ads, cybercriminals are willing to pay enough to outrank legitimate brands, successfully directing users to malicious sites. To avoid falling victim to such attacks, users should refrain from clicking on search results labeled as "Sponsored." Additionally, it's important to verify who the advertiser is by clicking the three dots next to the URL in the search result, ensuring the listed advertiser is the legitimate owner of the brand.
Link(s):
https://www.malwarebytes.com/blog/n...ake-sponsored-google-ads-that-deliver-malware