MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor
April 19, 2024![MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor](https://cdn.brief.news/images/stories/1f68f6b549ddb314ce80099b86eafc9beb0684ec38cbed0d08d98c86f9c903409d7aeef51645e56adf83f0402b0212022252d5e6002bcf7b64f05ffee85c4b82.png)
A malvertising campaign dubbed MadMxShell is exploiting Google Ads to push fake websites, delivering a Windows backdoor zero-day exploit.
The campaign is the first recorded instance of a Windows backdoor being successfully deployed via malvertising.
MadMxShell is capable of file manipulation, collecting system data, executing commands, and uses evasion techniques.
The operation began in June 2023, posing a serious risk to cybersecurity.
The perpetrator is active on criminal forums, hinting at plans for a sustained malvertising operation.
The campaign exploits Google Ads threshold accounts to defer payment until a set limit is reached, enabling prolonged malicious ad runs.
Summary based on 2 sources
Get a daily email with more Tech stories
Sources
![Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor](https://cdn.brief.news/images/links/1f68f6b549ddb314ce80099b86eafc9beb0684ec38cbed0d08d98c86f9c903409d7aeef51645e56adf83f0402b0212022252d5e6002bcf7b64f05ffee85c4b82.png)
The Hacker News • Apr 18, 2024
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor![Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor](https://cdn.brief.news/images/links/853f05cc998aa6937139b177527e297dd1e6b97db6da75ba5e77fbc12cb507bbaea7fbe82e58fee73fab92e3979ebf28145ef70b32ff9bf082952d43e4809bb5.png)
OODA Loop • Apr 18, 2024
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor