FIN7 Unleashes Malicious Google Ads Blitz

May 13 2024

.bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
.bh__table_cell { padding: 5px; background-color: #FFFFFF; }
.bh__table_cell p { color: #2D2D2D; font-family: ‘Helvetica’,Arial,sans-serif !important; overflow-wrap: break-word; }
.bh__table_header { padding: 5px; background-color:#F1F1F1; }
.bh__table_header p { color: #2A2A2A; font-family:’Trebuchet MS’,’Lucida Grande’,Tahoma,sans-serif !important; overflow-wrap: break-word; }

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that always brings the tackle 🎣

Today’s hottest cybersecurity news stories:

  • πŸ›’ Google Ads hide FIN7’s NetSupport RAT πŸ€

  • ⚠️ Update Google Chrome to patch new flaw 🩹

  • πŸ“± Android apps masquerade as Instagram, WhatsApp 🎭

I smell a RAT πŸ€

🚨 Alert: FIN7 Unleashes Malicious Google Ads Blitz! πŸ›‘πŸ’»

The Menace Strikes Again! πŸ’₯πŸ” The notorious FIN7 strikes with ruthless precision, deploying devious Google ads to ensnare unsuspecting victims in a web of cyber deceit. Spoofing reputable brands, these ads serve as Trojan horses, concealing a sinister payload poised to wreak havoc. 😈πŸ”₯

Brand Impersonation Unveiled! 🎭πŸ‘₯

With cunning finesse, FIN7 impersonates esteemed brands like AnyDesk, WinSCP, and Google Meet, leading users down a treacherous path of deception. Behind the veil of legitimacy lurks a malicious plot, orchestrated to infiltrate and compromise with ruthless efficiency. πŸ•΅οΈβ€β™‚οΈπŸ”’

The Malware Arsenal Unleashed! βš”οΈπŸ›‘οΈ

Armed with a formidable arsenal of custom malware, including DICELOADER and NetSupport RAT, FIN7 strikes fear into the heart of cybersecurity. Leveraging spear-phishing and malvertising tactics, the threat actor orchestrates a relentless assault, sparing no expense in its pursuit of chaos. πŸ’£πŸ”“

A Call to Vigilance! πŸ“£πŸ›‘οΈ

In the face of this escalating threat, vigilance is paramount. Organisations must remain steadfast in fortifying their defences against FIN7's insidious incursions. Through proactive measures and unwavering diligence, we can stem the tide of cyber tyranny and safeguard our digital frontier. πŸ›‘οΈπŸ’»

Stay Alert, Stay Secure! πŸš¨πŸ”’

Together, let us stand united against the scourge of cybercrime, resolute in our determination to protect what matters most. With steadfast resolve and collective vigilance, we can thwart FIN7's malicious designs and emerge stronger, fortified against the perils of the digital realm. πŸ’ͺ🌐

There’s no place like Chrome πŸ’€

πŸ”’ Critical Alert: Zero-Day Vulnerability Exploited in Chrome! πŸš¨πŸ’»

Emergency Security Update Released! πŸ›‘οΈπŸ”“ Google sounds the alarm as a zero-day flaw in Chrome wreaks havoc in the wild! Tracked as CVE-2024-4671, this high-severity vulnerability spells danger, posing a serious risk of exploitation by cyber adversaries. πŸ•΅οΈβ€β™‚οΈπŸ”

Use-After-Free Vulnerability Unveiled! 🚫πŸ’₯

A sinister case of use-after-free in the Visuals component lies at the heart of this security debacle. Unleashed by an anonymous researcher, this flaw leaves Chrome users vulnerable to a spectrum of threats, from system crashes to arbitrary code execution. πŸ˜±πŸ’£

Real-World Exploitation Confirmed! πŸŒπŸ›‘

Google confirms the chilling reality: CVE-2024-4671 is no mere theoretical concernβ€”it's actively being exploited in the wild. The specifics of these attacks remain shrouded in mystery, underscoring the urgency of swift action to mitigate the threat. πŸš¨πŸ”

A Call to Action! πŸ“’πŸ›‘οΈ

Heed Google's call to arms: Update to Chrome version 124.0.6367.201/.202 for Windows and macOS, or version 124.0.6367.201 for Linux without delay. By fortifying your browser defences, you thwart the ambitions of cyber malefactors and safeguard your digital realm. πŸ’ͺπŸ”’

Vigilance Across the Board! πŸŒπŸ”

Chromium-based browser users, including Microsoft Edge, Brave, Opera, and Vivaldi, must remain vigilant. Stay abreast of security updates and apply patches promptly to fortify your defences against emerging threats. Together, we can stem the tide of cyber adversity and emerge stronger. πŸ›‘οΈπŸŒ

Green Energy Meets Bitcoin, Hidden Gem Company

This tiny company has all but cemented itself in the future list of bitcoin mining giants.

An industry shakeup of environmental regulations could spell catastrophe for others, while this company begins to soar.

The underlying factors?

Cheap production and carbon neutral mining.

But that’s just the start of it.

Here’s the real kicker…

To make it easy, simply click the link above to instantly subscribe to Bullseye Trades and get all the details on this stock!

It’s Instascam and WhatsHack πŸ™ƒ

🚨 Alert: Malicious Android Apps Targeting Popular Services! πŸ“±πŸ”’

Urgent Warning Issued by SonicWall Capture Labs! πŸ›‘οΈπŸ”“ Beware! Malicious Android apps are on the prowl, disguised as trusted brands like Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter), seeking to pilfer your credentials and compromise your device's security. πŸ˜±πŸ”

Deceptive Tactics Unveiled! πŸ•΅οΈβ€β™‚οΈπŸ”

These nefarious apps employ famous Android app icons to deceive unsuspecting users into installing them on their devices, perpetrating a sinister scheme of data theft and malware deployment. 😈πŸ’₯

Sinister Capabilities Unleashed! πŸ’£πŸ“²

Granting permissions to accessibility services and the device administrator API grants the rogue app unfettered control over your device, paving the way for a slew of malicious activities, including accessing sensitive data, sending SMS messages, and even toggling the camera flashlightβ€”all without your knowledge or consent. πŸš«πŸ”

Phishing URLs Pose Grave Threat! 🎣🌐

Beware of phishing URLs masquerading as login pages of renowned services like Facebook, GitHub, LinkedIn, Netflix, PayPal, and more! Stay vigilant and avoid falling victim to these crafty ploys designed to lure you into surrendering your credentials unwittingly. πŸš¨πŸ”’

Rising Tide of Android Malware! πŸŒŠπŸ“²

This alarming development follows a slew of Android malware campaigns, including social engineering tactics via WhatsApp and smishing messages aimed at stealing banking data. Exercise caution and fortify your defences against the evolving threat landscape. πŸ’ͺπŸ”

Stay Protected, Stay Vigilant! πŸ›‘οΈπŸ‘€

Remain vigilant and ensure your devices are shielded from malicious apps. Keep your software up to date and exercise caution while downloading apps or clicking on suspicious links. By staying informed and proactive, we can thwart the advances of cyber adversaries and safeguard our digital lives. πŸ”’πŸŒ

πŸ—žοΈ Extra, Extra! Read all about it! πŸ—žοΈ

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • πŸ›‘οΈ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday πŸ“…

  • πŸ’΅Β Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for πŸ†“

  • πŸ“ˆΒ Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future πŸ‘Ύ

Let us know what you think.

So long and thanks for reading all the phish!

footer graphic cyber security newsletter

Recent articles