Bradley Duncan and Zach Diehl of Unit 42 have discovered a malware campaign using Bing ads to direct users to fake software pages and upload malware. One example found on 22 January 2025 led users to a fake Microsoft Teams download page where a seemingly innocuous JavaScript file was downloaded, which then downloaded further malware files to the user’s system. The researchers emphasise the importance of checking URLs and avoiding clicking on ads when downloading software.
GitHub malware campaign uses SEO tricks to steal browser data – Digital Watch Observatory
GitHub malware campaign uses SEO tricks to steal browser data Digital Watch Observatory
