Gandalf_The_Grey
Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,645
Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program.
This ad would appear to be legitimate as it'd state 'GIMP.org' as the destination domain. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which, in reality, was malware.
'GIMP' malvertising abuses Google ads
Up until last week, googling for 'GIMP' would bring up a Google ad that'd appear to take you to the open source graphics editor's official website 'GIMP.org.'
But instead this malvertising campaign drove visitors to a lookalike, phishing page delivering a malicious 'Setup.exe' that appeared to be the GIMP utility for Windows.
Google ad for GIMP.org served info-stealing malware via lookalike site
Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable...
www.bleepingcomputer.com