MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor

April 19, 2024
MadMxShell Exploit: Malvertising Campaign Hijacks Google Ads to Deploy Windows Backdoor
Tech
Tech
Cybersecurity
Cybersecurity

  • A malvertising campaign dubbed MadMxShell is exploiting Google Ads to push fake websites, delivering a Windows backdoor zero-day exploit.

  • The campaign is the first recorded instance of a Windows backdoor being successfully deployed via malvertising.

  • MadMxShell is capable of file manipulation, collecting system data, executing commands, and uses evasion techniques.

  • The operation began in June 2023, posing a serious risk to cybersecurity.

  • The perpetrator is active on criminal forums, hinting at plans for a sustained malvertising operation.

  • The campaign exploits Google Ads threshold accounts to defer payment until a set limit is reached, enabling prolonged malicious ad runs.

Summary based on 2 sources

Get a daily email with more Tech stories

Sources

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

The Hacker News • Apr 18, 2024

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

OODA Loop • Apr 18, 2024

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

More Stories