Although the top Google search results are always advertisements, sometimes they can closely resemble the items you were looking for. It might be tempting to simply click it if you’re feeling too sluggish to browse down a bit. That sort of conduct, nevertheless, may today be regarded as risky. A recent revelation claims that hackers have started inserting bogus website advertisements into Google’s sponsored search results. Your life might be turned upside down by clicking on a seemingly benign link to download VLC. It’s a humiliating predicament for Google, which vows to shield people from situations like these.
A victim who goes by the Twitter handle NFT_God(Opens in a new window) provided the sad source of information about this new scheme to deceive people into installing malware. This individual claims to have 16,000 Substack subscribers, which suggests that they are a form of influencer in the investment and programming industries. They told a lengthy and scandalous story of what transpired when they followed a link to OBS in a sponsored search result, as noticed by BleepingComputer(Opens in a new window). Popular livestreaming software OBS is both open source and free. They went to what appeared to be an official OBS website after clicking a link in the sponsored search results.
They downloaded the bogus OBS, then installed it by double-clicking the.exe file. But nothing appeared to have been installed or take place at all. The would-be streamer assumed it was simply a weird occurrence and proceeded about their work, confused but unconcerned. They learned that their Twitter account had been hijacked several hours later through text message from a buddy. It took many hours after the hacker’s tweets were deleted before they got another disturbing text. This one questioned whether their digital NFT ape had been sold. They discovered that their priceless digital JPEG was possessed by a new wallet after logging into the NFT marketplace OpenSea.
They realised it was all gone at that very time, according to The NFT_God. Digital currencies, NFTs, and everything else that was in their account were all there. They claimed to have suffered a “life-changing” loss of wealth in their letter. The icing on the cake came when the hackers commandeered their Substack and issued phoney links to each and every subscriber. They were able to fix the problem, clean their PC, and reinstall Windows at the same time. Finally, they claim to have learnt their lesson and are prepared to go on.
For a variety of well-known freeware tools, Dormann was nevertheless able to locate search results with malware in them. These consist of 7-Zip, Libre Office, and VLC, among others. From what we can see from Twitter, Google appears to be working to resolve this problem right now. It certainly needs to examine more closely at the techniques it employs to verify the legitimacy of the links it accepts in results, though. From the URL alone, several of them are blatantly bogus. For instance, the URL “videoplaer.com” is used on a bogus KMPlayer website.