In advertising, Google detected malicious advertising campaign targeting users of Mac computers. This is reported by experts of the research firm Cylance.
According to experts, the scammers acquired in AdWords advertising top places on request “Google Chrome”, and the ad supposedly leads to www.google.com/chrome. In fact, the ad sends users to the address googlechromelive.com where you will find a fake download page.
“Then malicious the download link leads the user on macOS sites ttb.mysofteir.com, servextrx.com and www.bundlesconceptssend.com where the result is a download of the malicious file FLVPlayer.dmg,” write the experts.
Each time you upload a hash of the malware is altered, which complicates its detection and tracking. Experts note that users of Windows-based PC theoretically are also in danger, as in their case there is a redirect on admin.myfilessoft.com. Currently, the website displays an error due to a failure of the DNS, however, attackers can fix it.
As for Mac users, the file FLVPlayer.dmg that masquerades as FLV Player, is actually a Macpurifier rogue security software informing the user of the presence of malware on the system and forces “makovody” to download and install additional applications.
Experts Cylance announced Google about what is happening 25 October 2016, and the campaign in AdWord is already locked. However, all users on macOS who recently searched for Chrome, it is recommended to scan your system for malware.
