A deceptive Google Search result related to Cisco WebEx software is leading victims to inadvertently download the BatLoader malware, which subsequently installs the DanaBot trojan. Security experts at Malwarebytes have discovered an ongoing fraudulent Google Ads campaign that has been active for a week, manipulating search results for Cisco WebEx conferencing software.
The malicious campaign involves the creation of counterfeit Google Ads that appear as legitimate search results when users search for terms related to Cisco WebEx. By leveraging this deceptive technique, cybercriminals exploit users’ trust in Google’s search engine to distribute malware.
Once users click on the fraudulent ad, they are redirected to a compromised website that masquerades as an official Cisco WebEx page. Unbeknownst to the victims, their devices become infected with the BatLoader malware, which acts as a gateway for the subsequent installation of the DanaBot trojan.
BatLoader, the initial payload, serves as a downloader for additional malware. Its primary purpose is to stealthily deliver and execute the DanaBot trojan onto compromised systems. DanaBot is a sophisticated banking trojan known for its ability to steal sensitive information such as login credentials, financial data, and personal information.
The security researchers at Malwarebytes emphasize the need for users to exercise caution and verify the legitimacy of search results, especially when downloading software or visiting websites that handle sensitive information. It is crucial to be vigilant and double-check the authenticity of websites before providing any personal or financial details.
Google has been alerted to this fraudulent campaign and is actively working to address the issue. While the search engine giant continuously improves its security measures to combat such threats, it is essential for internet users to remain proactive in protecting themselves against potential cyber risks.
In conclusion, a misleading Google Search campaign targeting Cisco WebEx software has been discovered, resulting in the inadvertent download of the BatLoader malware and subsequent installation of the DanaBot trojan. Users are advised to be wary of search results and exercise caution when downloading software or sharing sensitive information online.
