Google Ads Spreads Malware on Macs That Impersonate Popular Browser

Join Fox News to access this content

You have reached your maximum number of articles. Log in or create a FREE account to continue reading.

By entering your email address and clicking Continue, you agree to the Fox News Terms of Use and Privacy Policy, including our Financial Incentive Notice.

Please enter a valid email address.

Google ads are usually harmless, but if you see one advertising a specific web browser, do not click on it.

Security researchers have discovered new malware for Mac devices that steals passwords, cryptocurrency wallets, and other sensitive data.

The app pretends to be Arc, a new browser that has recently gained popularity for its unconventional use.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR THE KURTA NEWSLETTER – CYBERGUY REPORT HERE

A truly new browser experience. (Bow)

How Mac Malware Infects Your Device

Mac malware lurks behind sponsored search results. Clicking the ad redirects you to arc-download(.)com, a fake site that pretends to offer a Mac version of Arc. The downloaded file looks like a typical Mac app installer.

There’s one catch, though — you’re asked to run the file by right-clicking and selecting Open, rather than the more direct method of double-clicking the file. This is designed to bypass Mac security. By forcing you to skip this step, the malware tricks you into installing it.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Analysis of the malware code shows that once installed, the thief sends stolen information, such as passwords, to the IP address 79.137.192.4, which happens to be the home base of the malware’s control panel. This sneaky panel allows cybercriminals to access stolen data from infected accounts.

“There is an active Mac malware development scene focused on thieves,” wrote Jérôme Segura, lead malware intelligence analyst at Malwarebytes. “As you can see in this post, there are many factors that contribute to such a criminal enterprise. The vendor needs to convince potential customers that their product is feature-rich and has low antivirus detection rates.”

Fake Arc browser ad. (Malwarebytes)

ANDROID BANKING TROJAN DISGUISES ITSELF AS GOOGLE PLAY TO STEAL YOUR DATA

Mac malware has been “verified by Google”

Mac malware posing as Google adware is reportedly called Poseidon Malwarebytes researchersWhen you click “more info” next to the advert, it shows that it was purchased by an entity called Coles & Co, the identity of the advertiser which Google says it has verified.

Google vets every entity that wants to advertise on its platform. Google says the process is designed to “ensure users have a safe and trustworthy advertising ecosystem and comply with new regulations.” However, there seems to be a flaw in the vetting process when advertisers are able to openly distribute malware to users. While Google’s job is to do everything it can to block bad ads, sometimes bad actors can temporarily evade detection.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

This isn’t even the first time that cybercriminals have used Google ads. In May, I reported that the ads were being used to put fake websites at the top of search results. These websites pretend to be trustworthy sites and steal your money and personal information.

In this latest case, Google identified the issue and suspended the advertiser’s account for policy violations, removing all ads from its platforms, prior to Malwarebytes’ report.

We contacted Google, and a company spokesperson provided the following statement:

“We prohibit ads that attempt to circumvent our enforcement by masking the advertiser’s identity in order to deceive users. When we identify ads that violate our policies, we quickly remove the ads and suspend the associated advertiser account when possible, as we did in this case.”

Fake company called Coles & Co. behind false advertising. (Malwarebytes)

ANDROID USERS AT RISK AS BANKING TROJAN ATTACKS MORE APPS

5 Ways to Protect Yourself from Google Ad Malware

It’s hard to spot which Google ad is malicious. Follow these five tips to protect yourself from Google Search scams.

1. Bookmark or save the URL: If you visit certain sites frequently, especially social media and financial platforms, bookmark or save their URLs. This will ensure you land on the right page and avoid fake sites.

2. Avoid clicking on unknown links: Always type the website address directly into your browser’s address bar. Avoid clicking on links, especially those sent via email or on unknown websites, as they can lead to fake or malicious sites. Manually entering the URL ensures that you are going to the correct and intended site, reducing the risk of phishing attacks and other online threats.

The best way to protect yourself from clicking on malicious links that install malware that can access your private information is to install strong antivirus protection on all your devices. It can also warn you about any phishing emails Or ransomware scams. Check out my picks for the best antivirus protection in 2024 for Windows, Mac, Android, and iOS devices.

3. Download apps from trusted platforms: When downloading apps to your Mac or other Apple device, use the App Store. Apple has strict security guidelines that only allow safe and legal apps to be hosted on its platform.

4. For maximum security, keep your browser up to date: It is very important to update your browser regularly because updates often contain security patches that protect against newly discovered vulnerabilities.

5. Recognize urgent requests as potential scams: Always be cautious if someone persistently asks you to do something, such as sending money, providing personal information, or clicking a link – there’s a good chance it’s a scam.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

Kurt’s Key Takeaways

The Poseidon malware case is a wake-up call for everyone to be extra cautious when dealing with online ads, especially those for popular software. Don’t just click on the first sponsored search result that appears. Also, make sure you only download apps from trusted sources, such as official app stores. To add another layer of security, consider using strong antivirus protection.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Are you confident in distinguishing legitimate download sites from fake ones? Let us know by writing to us at Cyberguy.com/Contact

For more tech tips and security alerts, sign up for my free CyberGuy Report newsletter by going to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to CyberGuy’s most frequently asked questions: