A researcher has uncovered a new method of using vulnerable websites to deliver malicious, targeted ads to search engine users, capable of delivering a tsunami of malware that can overwhelm victims completely.
The key is “dynamic search ads,” a feature in which Google uses the content of a website landing page to pair targeted ads with searches. In an Oct. 30 blog post, Jerome Segura, senior director of threat intelligence at Malwarebytes, described how an attacker used a fake software ad on a compromised website to take advantage of this feature, targeting search engine users.
And, remarkably, it all may have been by accident.
“I think the ad itself is really kind of accidental, in the way that it was created. The fact that I saw it [in a Google search], I don’t think the threat actor planned it at all,” Segura posits.
Malvertising With Dynamic Search Ads
“I didn’t see the site first, I saw the ad first,” Segura recalls. He was searching for common keywords used by hackers — often…