Malware in Google Ads: Fake OBS, VLC, Notepad++



Malware ads in Google search for OBS, VLC, Notepad++ and other popular apps that lead to infostealers that can hack all your online accounts! This video contains an in-depth analysis as well as a technique to break down such malware. Try Guardio: https://guard.io/pcsecurity (sponsor)

Buy the best antivirus: https://thepcsecuritychannel.com/best-antivirus
Join the discussion on Discord: http://discord.tpsc.tech/
Get your business endpoints tested by us: http://tpsc.tech/
Contact us for business: https://thepcsecuritychannel.com/contact

source

This Post Has 29 Comments

  1. holyduck

    Bro knows the exact name of every site he will visit in future πŸ’€

  2. Jsnotlout

    I love the deep dives you do! I like too see how everything works. Stay safe everyone

  3. Swetha sree

    I am using k7 Antivirus from the last 8 years, till now i didn't face any problem. From my list the best antivirus software is k7 Antivirus Software. It's top-rated piece of software that has excellent reviews from many cybersecurity experts. K7 Software has excellent protection and is easy to use.

  4. mushy

    Have fun explaining how to do all this to your 80 year old grandma on the phone

  5. Cooljosh3k

    On one hand I expect a virus scanner to do a quick check for long sequences of the same byte, then create a temporary copy with that stripped out. Basically automatically doing what you just did.
    However, on the other hand, these malicious people would start adding random values instead of just 0s.

  6. Cooljosh3k

    I don’t think Google is going to start doing the bare minimum checks until enough people start avoiding ads because of the known risk.

  7. M Royal

    I have seen these "Malvertisements" for years before now. I want to say since 2008 or so that I first noticed in google search "Malvertisements" popped up for popular programs I wanted that were typically free. Is this something that has gotten worse? Has security literacy decreased over time?

  8. Murakumo

    I always open official websites of programs that are listed on Wikipedia.

  9. MOHAMED HAMDY

    when I am trying to download an app from google I don't click the "ad" one I skip them then click the actual one πŸ˜‚

  10. coth

    Edge doesn't even tag those sites as malicious?

  11. Hanzo Hasashi

    Most anti-virus have an option to scan entire files, but "not recommended" is often written beside it. Not sure why… it's probably performance intensive.

  12. Hanzo Hasashi

    Anybody who downloads 1000 random programs on their PC should probably have a separate computer strictly for banking and buying stuff; that's what I do.

  13. Gummiel

    I guess this is just one more reason to never click on the ads on search engines, but go down to the actual search results (which I always done anyway, the notion of ads taking the place of search results always been stupid to me, even in a world where malware wouldn't exist)

  14. Gummiel

    7:28 Sadly a LOT of the people (and the main ones that falls for this) don't know what the domain of whatever they are trying to download is supposed to be (or even what a domain is for that matter)

  15. Felipe 9999

    2:13 IMO online scanners should give a warning when a file is too large for scanning and instruct the user to scan it with their preferred antivirus/antimalware program

  16. SnPulsar

    Could you make a video about virus/malware on a video file, if its possible for an haker to put a virus on a mkv or mp4 video file and how to detect that? Thanks for the great jop!

  17. Espii Ainen

    browsing the internet without adblock is best avoided for a whole host of reasons at this point, even if the ads don't bother you personally

  18. anikanbounty97

    Idiots never learn. Never click an ad. Always manually go there

  19. Artorias

    can info stealer decrypt browser password file if user is not entering password to unlock it?

  20. Qunarai

    U guys are getting ads? (Me using brave)

  21. Nordgaren

    If you delete all the zeros, you could be deleting something that's part of the PE. I use a python script called pecheck, which can extract both the overlay and the original PE.

    Unfortunately the one up on github will spit it out as a bytearray(), but you can nust write it back to disk with Python.

    Helped me analyze the malware that Mutahar found, for which I have a write-up and tool, coming.

  22. James Takac

    This has been happening for some time really. I never click an ad these days. Just don't trust them. May I also suggest installing a script blocker in your browser of choice and only enable scripts you trust on a per site basis and that are required for the site to run

  23. Graham Armitage

    If I am downloading something I normally go directly to the developers website but always scan the files after downloading them before installing.

  24. Happatsch3a

    Actually Malicious ads on Google have been a thing for years by now. Promised free currency for popular Platforms, fake apps and many more.. I don't see legit ads on google much anymore.

  25. Ahmed Ali

    That's why i never press on any ad in google search πŸ˜‚

  26. Amethystin

    secure boi: here is fake app malwar
    me: eting clay from store

  27. Nysyr

    High time AVs start flagging files for large amounts of garbage padding

Leave a Reply