Discussion in 'malware problems & news' started by ronjor, Jul 31, 2021.
Dan Goodin - 7/31/2021
Very clever attack, this could have fooled lots of people. But Google should really be screening this stuff, shame on them.
I don't get it @Rasheed187- All these such findings like @ronjor posted. and there are oddle many others. These, and others, (not just nuisances either), is bordering on the exact same frequency and level as what we was up against in Windows 98 when it was 32Bit and rather easy pickings for anyone to get infected or a ton of malware express delivered by just being hooked up "Live" to the internet.
Am I overstating matters or is there a vast similarity that's literally overtaking it just like back on Windows 98. Be it browser techniques or what have you. Sheez.
It looks like the IDN Safe extension is still useful.
Which browsers need such extension?
In Firefox one can set about:config network.IDN_show_punycode true to force Firefox to show Punycode when it is used.
I don't know about anyone else in these forums, but I never, ever click on any of the Google Ad - links when I search for something.
I didn't realise that but IDN Safe blocks the website but you can then whitelist or temporarily allow it.
It works in Firefox and Chromium based browsers.
I would guess most of us use a content blocker that blocks such results.
Good point. I use uBlock and I never see those, but on my employer-provided COE device, for example, I do see them.
I don´t see them because of contect blockers, but when I do on other machines, I never click on fake Ad results but scroll down to the first real search results. I know people who click on the Ad results though.
I have to disagree for this case. Yes in other use cases Bravė.com might not be noticed instead of Brave.com, however you would first have to click on the mckelveytees.com result, and that is a lot more noticeable. And the malicious exe file was inside an ISO, so more steps are needed to open it and it is more suspicious.
I do click on them, for the simple reason that they are often quite useful. I have no problem with these kind of ads, they are not annoying to me. Well, what is annoying is that uBlock sometimes block access to those links.
I find they typically result in malicious content.
Not with me, they usually direct me to relevant webshops. However, it's unacceptable that Google isn't screening this stuff, because a few years back criminals did the same with a Dutch online bank named Knab, and people actually lost money. Apparently they didn't make use of 2FA, so they entered their credentials on a fake website which looked like the real Knab homepage, that came up via Google Ads.
Separate names with a comma.