Tag Archive for: Bing

‘Nitrogen’ Ransomware Effort Lures IT Pros via Google, Bing Ads


Hackers are planting fake advertisements — “malvertisements” — for popular IT tools on search engines, hoping to ensnare IT professionals and perform future ransomware attacks.

The scheme centers on pay-per-click ads on sites like Google and Bing, which link to compromised WordPress sites and phishing pages mimicking download pages for software such as AnyDesk, Cisco AnyConnect, TreeSize Free, and WinSCP. Unsuspecting visitors end up downloading the actual software they intended, alongside a trojanized Python package containing initial access malware, which the attackers then use to drop further payloads.

Researchers from Sophos are calling the campaign “Nitrogen.” It has already touched several technology companies and nonprofits in North America. Though none of the known cases have yet been successful, the researchers noted that “hundreds of brands co-opted for malvertising of this sort across multiple campaigns in recent months.”

“The key thing here is that they’re targeting IT people,” says Christopher Budd, director of Sophos X-Ops. Skipping right to the people closest to an organization’s most sensitive systems, he says, “is actually a fairly efficient and effective way of targeting.”

Honeypots for IT Pros

Search engine surfers who click on a Nitrogen malvertisement will typically end up on a phishing page mimicking the actual download page for the software they’re attempting to download — for example, “winsccp[.]com,” with that extra “c” subtly added in.

In one case, instead of a mere phishing page, the researchers discovered a compromised WordPress site at mypondsoftware[.]com/cisco. The researchers noted that “all other links on the mypondsoftware[.]com point to legitimate cisco.com Web pages, except for the download link for this particular installer,” which directs to a malicious phishing page.

Hitting “download” on any of these pages will download a trojanized ISO installer, which sideloads a malicious dynamic link library (DLL) file. The DLL file does, in fact, contain the user’s desired software, but also initial access malware.

From here, the malicious attack chain establishes a connection to attacker-controlled command and control (C2) infrastructure, and drops…


Concerned About the Bing Redirect Virus? Here’s 2 Ways to Remove the Malware From Your PC


The Bing redirect virus can be annoying and dangerous, as it leads you to specific websites and bombards you with advertisements. It is, however, not to be confused with Bing.com, a legitimate search engine backed by a legitimate and reliable company.

Find out more about the Bing redirect virus and how you can remove it from your computer.

What Is the Bing Redirect Virus?

Bing Redirect is technically not a virus, Trend Micro said, but more a precursor to what could be a virus.

It is also worth mentioning that this virus is not related to Bing.com. On that note, the site can be promoted by various browser-hijacking, potentially unwanted applications, Malware Remove said.

These applications do not require users’ explicit approval to infiltrate a system, and once the installation is confirmed, they can already trigger unwanted changes to the browser’s settings. A very annoying feature of the virus is how it can deliver intrusive online advertisements.

When victims get redirected to this particular search engine continuously, it significantly diminishes the internet browsing experience. The browser hijackers can also inject different helper objects to stop victims from returning to the previous browser setting options, making it virtually impossible to return to such settings unless the malicious software is removed.

The hijackers can use the recorded data, which can result in serious privacy issues such as identity theft, Malware Remove pointed out.


2 Ways to Remove Bing Redirect Virus From Your PC

Browser hijackers can often make their way to your device by using deceptive bundling methods, stealthily installing third-party apps with regular software, Malware Remove explained. Because these apps hide in plain sight, a lot of users may not pay attention to what they are downloading or installing and proceed to install the apps, leading to the inadvertent installation of the harmful apps,…


Cluster of 295 Chrome extensions caught hijacking Google and Bing search results – ZDNet


Amid Outcry, Microsoft Amends Plan To Push Bing on Office 365 ProPlus – Redmond Channel Partner
