Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Crooks abused Google AdSense network to deliver malware on Android Devices

Security experts from Kaspersky spotted a malware-based campaign that abused the Google Adsense Advertising network to spread a malicious code. Mobile malware is becoming an even more insidious threat, security experts are observing a rapid diffusion of spyware that is able to steal sensitive data from victim’s mobile devices. Very common are also malware that impersonates […]

Crooks abused Google AdSense network to deliver malware on Android Devices

Security experts from Kaspersky spotted a malware-based campaign that abused the Google Adsense Advertising network to spread a malicious code.

Mobile malware is becoming an even more insidious threat, security experts are observing a rapid diffusion of spyware that is able to steal sensitive data from victim’s mobile devices.

Very common are also malware that impersonates login pages of most popular applications and websites in the attempt of tricking users to provide their login credentials. Such kind of malware is able to steal private data, including banking credentials and social media account credentials.

Recently malware researchers from Kaspersky have spotted a new hacking campaign that abused Google AdSense to deliver a malware on Android devices. The malware is delivered on the victim’s mobile device when they visit certain Russian websites, even without user’s interaction.

The malicious code asks for admin rights and attempts to steal user credentials via displaying bogus login pages. The malware is able to perform other malicious operations, such as intercepting and deleting text messages.

“By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q. There you are, minding your own business, reading the news and BOOM! – no additional clicks or following links required. And be careful – it’s still out there!” reads a blog post published by Kaspersky.

Android malware Google adsense 3

The malware leverages on the Google AdSense advertising network to spread itself and many websites use this ad network.

Google has promptly fixed the problem, according to an email to  a Google spokesman there is no indication that other websites are affected by the malware.

“The issue has since been resolved, a Google spokeswoman said in an email, adding that there’s no indication the attack ever affected more than one website. The company has said in the past that it works to block malware attacks from third-party ads distributed through its networks. The effort has become increasingly critical as Google and other advertising networks try to dissuade users from filtering out ads altogether with adblocking tools, which also aim to reduce ad-delivered malware and the web beacons used to track users across websites.” states the fastcompany.com.

In order to protect your mobile device keep your mobile OS up to date, install apps only from legitimate app stores and install security solutions.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Android Malware, Google AdSense)