05 October 2023

Google Ads Still a Vector for Malware

In this case, ransomware: ‘Snatch’ Ransom Group Exposes Visitor IP Addresses

And you should never install software that you find via an ad. Certainly not by clicking on the ad. Because how do you know if it is legit? If you want a piece of software, go and search for it, and install it from a recognized place.

And remember: "There ain't no such thing as a free lunch."

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

First spotted in 2018, the Snatch ransomware group has published data stolen from hundreds of organizations that refused to pay a ransom demand. Snatch publishes its stolen data at a website on the open Internet, and that content is mirrored on the Snatch team’s darknet site, which is only reachable using the global anonymity network Tor.

Be safe out there. Me? I use a couple of ad-blockers, so that this kind of thing mostly isn't an issue.
