Malware scam on GitHub impersonates Google Authenticator ad

tl;dr

  • Cybersecurity firm Malwarebytes uncovered a scam involving fraudulent Google ads leading to a malicious Authenticator download.
  • The scam redirects users multiple times before landing on chromeweb-authenticators.com, where the fake app is hosted.
  • Principal threat researcher Jerome Segura advises against clicking ads for software downloads, noting the irony of compromising security while seeking to improve it.

A cybersecurity software provider has uncovered fraudulent advertising branded as Google, which links to a malicious version of Authenticator. 

The sophisticated scam purports to come from a Google-supported domain, but it results in a GitHub download. 

When you click on the ad, it redirects a handful of times before landing on chromeweb-authenticators.com, which is the host of the fake app for download. 

Jerome Segura, principal threat researcher at Malwarebytes – the company that detected the elaborate scam – reiterated the importance of not clicking through an ad to obtain any kind of support. 

He stated, “Some unknown individual was able to impersonate Google and successfully push malware disguised as a branded Google product as well.”  

“We should note that Google Authenticator is a well-known and trusted multifactor authentication tool, so there is some irony in potential victims getting compromised while trying to improve their security posture,” added Segura. 

“We recommend avoiding clicking on ads to download any kind of software.”

Dangers can lurk behind fake advertising

By hosting the file on GitHub, the scammers made use of a trusted cloud resource, although this in itself is not unexpected.

GitHub is renowned for its prominence as the software repository of choice, but it is not faultless. 

Not all material hosted by the resource is legitimate, and almost anyone can create an account and upload files. In this instance, the threat actor followed this approach under the username authe-gogle, setting up the authgg repository that contained the malicious Authenticator.exe.

This is an intentional abuse of the ubiquity of Google and the unassuming trust that most users have toward the tech giant. It is a cunning and effective method to dupe people into the clutches of malware.

It is critical to distinguish legitimate advertising from fake content and to recognize the dangers that lurk beneath the surface. This example shows how a bad actor was able to successfully hide behind one of the most prominent brands in the world to spread malicious software.


Graeme Hanna
Tech Journalist
