Malicious fake Google Authenticator ads have been created by threat actors to distribute GitHub-hosted malware with a click, according to SC Media.
Utilizing GitHub has established legitimacy for the hosted malicious Authenticator.exe file, which was found within the "authgg" repository established by a threat actor under the name "authe-gogle," a Malwarebytes report showed.
Such findings have led Malwarebytes researchers to urge software downloads exclusively from official repositories and not from ads. Increasingly sophisticated malware ads and deep fakes brought upon by artificial intelligence should prompt organizations' cybersecurity teams to bolster malvertising awareness and training campaigns among employees, implement endpoint security improvements, and conduct consistent policy updates and audits, noted Anne Cutler of Keeper Security.
Similar challenges in identifying legitimate ads have also been noted by Qualys Threat Research Unit Cyber Threat Director Ken Durham, who recommended against device jailbreaking and advised app installation from official channels to avert risks.
