MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor

April 19, 2024
MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor
  • A malvertising campaign dubbed MadMxShell is exploiting Google Ads to push fake websites, delivering a Windows backdoor zero-day exploit.

  • The campaign is the first recorded instance of a Windows backdoor being successfully deployed via malvertising.

  • MadMxShell is capable of file manipulation, collecting system data, executing commands, and uses evasion techniques.

  • The operation began in June 2023, posing a serious risk to cybersecurity.

  • The perpetrator is active on criminal forums, hinting at plans for a sustained malvertising operation.

  • The campaign exploits Google Ads threshold accounts to defer payment until a set limit is reached, enabling prolonged malicious ad runs.

Summary based on 2 sources


Get a daily email with more Tech stories

Related Stories