Google ad for GIMP.org served info-stealing malware via lookalike site

Gandalf_The_Grey

Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well-known graphics editor, GNU Image Manipulation Program.

This ad would appear to be legitimate as it'd state 'GIMP.org' as the destination domain. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which, in reality, was malware.

'GIMP' malvertising abuses Google ads

Up until last week, googling for 'GIMP' would bring up a Google ad that'd appear to take you to the open source graphics editor's official website 'GIMP.org.'

Problematic Google ad leading visitors to GIMP phishing site


But instead, this malvertising campaign drove visitors to a lookalike phishing page delivering a malicious 'Setup.exe' that appeared to be the GIMP utility for Windows.

Fake GIMP site
 
Lately Google search has become less and less useful to me. The number of ads, and the placement of them, keeps getting more pervasive. This is just another example of how ads in search engines are a bad idea. If I had it my way ads in search engines would be illegal. Not to mention the security risk of a corporation owning a profile on you built from all your search terms. It isn't /if/ it will be abused, it is /when./ DuckDuckGo doesn't have a perfect track record, but at least they let you turn the ads off in their settings.
 