A malicious email campaign uses Google's DoubleClick advertising network to distribute the DesckVB RAT trojan. Cybercriminals exploit legitimate ad links to deceive users and steal personal data, such as bank credentials and passwords. The sophistication of the method highlights the need to exercise extreme digital caution.
How the trojan operates through seemingly safe ads 🛡️
The attack begins with an email containing a link to a DoubleClick ad, a network with a good reputation. By clicking, the user is redirected to a site that downloads the RAT, capable of capturing keystrokes, accessing files, and taking screenshots. Attackers exploit trust in the advertising platform to bypass security filters and antimalware systems.
Because even internet ads want to drain your account 💸
It's no longer enough to distrust emails from Nigerian princes; now even a sale ad can be the Trojan horse. If you see a banner promising 50% off something, think twice before clicking: maybe the only discount will be on your bank balance. Keep your antivirus up to date and your sense of humor, but not your trigger finger on the click.