A macOS malware discovered in April has found a new vector of attack, with people searching for software on Google finding malware presented as legitimate ads.
I’m not sure where I said anything about the reason any of those platforms get viruses because you’re right, Windows was often more targeted because its footprint was massive by comparison (whole lotta end users out there, but also tons of domain controllers and enterprise systems running it) - I’m not arguing that.
AMOS itself is distributed in all kinds of ways including phishing, being bundled into crap no-name software, shady ads, tainted torrents, whatever. You still have to be tricked into downloading whatever it is that infects your machine with it.
As to this partially being Google’s fault, from the article itself:
The ads are legitimate and paid for but disguise themselves as the website or software the user is searching for.
In the given example, it sounds like the ad was for Trading View, a pretty popular stock market charting platform, but the ad itself took users to trabingviews.com and it looked like a clone or Trading View’s site or some kind of landing page that purported to be a download for a desktop client. In the Malwarebytes article I share below, the fake URL purporting to be Trading View’s website is actually tradingsview.com
I’m not exactly sure where you’re getting the idea that this was a fake ad caused by malware pre-existing. These are “legit” Google ads that are bought and paid for and not quality checked by Google before they display them.
Here’s the article directly from Malwarebytes, the folks who kindly did the write up the author of the above article is talking about:
My guy, I don’t know what you want from me. A Google ad is purchased in a legitimate manner, but the ad itself actually links to a page where you download malware.
You answered really fast, so you clearly didn’t read the actual source material I linked at the bottom - specifically the Distribution section.
It was already explained in the original article. It’s not what you want to believe but it is the actual situation and I’m not gonna spend forever writing a response because it won’t actually change the fact of you reading things
The “original” article is the one I linked - the one written by the actual security researchers at MalwareBytes who did the research on this malware and then provided the detailed write up (which is what security researchers do). The one shared in the OP is referencing that article.
But it’s all good. All you had to do was tell me you can’t read and I would’ve backed out of this thread like 2 responses ago. :) Have a great night!
I’m not sure where I said anything about the reason any of those platforms get viruses because you’re right, Windows was often more targeted because its footprint was massive by comparison (whole lotta end users out there, but also tons of domain controllers and enterprise systems running it) - I’m not arguing that.
AMOS itself is distributed in all kinds of ways including phishing, being bundled into crap no-name software, shady ads, tainted torrents, whatever. You still have to be tricked into downloading whatever it is that infects your machine with it.
As to this partially being Google’s fault, from the article itself:
In the given example, it sounds like the ad was for Trading View, a pretty popular stock market charting platform, but the ad itself took users to
trabingviews.com
and it looked like a clone or Trading View’s site or some kind of landing page that purported to be a download for a desktop client. In the Malwarebytes article I share below, the fake URL purporting to be Trading View’s website is actuallytradingsview.com
I’m not exactly sure where you’re getting the idea that this was a fake ad caused by malware pre-existing. These are “legit” Google ads that are bought and paid for and not quality checked by Google before they display them.
Here’s the article directly from Malwarebytes, the folks who kindly did the write up the author of the above article is talking about:
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/atomic-macos-stealer-delivered-via-malvertising
I think your should read again. You seemed to understand the parts separately but when they came together you got a bit confused
My guy, I don’t know what you want from me. A Google ad is purchased in a legitimate manner, but the ad itself actually links to a page where you download malware.
You answered really fast, so you clearly didn’t read the actual source material I linked at the bottom - specifically the Distribution section.
It was already explained in the original article. It’s not what you want to believe but it is the actual situation and I’m not gonna spend forever writing a response because it won’t actually change the fact of you reading things
The “original” article is the one I linked - the one written by the actual security researchers at MalwareBytes who did the research on this malware and then provided the detailed write up (which is what security researchers do). The one shared in the OP is referencing that article.
But it’s all good. All you had to do was tell me you can’t read and I would’ve backed out of this thread like 2 responses ago. :) Have a great night!
I mean, at the end of the day the malware is being allowed to install on the computer is it not?