Security researchers warn of a new Google malware scam that could infect Macs


Protect Your Access to the Internet

Credit: Dreamstime

If there’s one thing that computer users can always count on, it’s that hackers will always try to find ways to intrude upon your devices. And according to a report by security specialists Spamhaus and (via Ars Technica), hackers have become more aggressive with attempts to spread malware through Google searches for Mac software.

Essentially, hackers are running ads that appear when using Google to search for software. The Google ads appear at the top of the search results and seem to provide what the user is looking for.

Then the user clicks the ad and goes to a spoofed software download page, and when the user clicks to download, malware is saved to the computer. The most common malware is known as XLoader, which is available for both Windows and macOS. XLoader has previously been used to record keystrokes and steal personal data on infected machines.

Spamhaus has seen an increase in malvertisting over the past few weeks with several popular apps such as Mozilla Thunderbird and Microsoft Teams. In the report, states that there is a great deal of demand for the nefarious ads, so they will likely become even more commonplace.

In its own investigation using a Mac, Ars Technica easily found malvertising in simple Google searches for common software downloads such as visual studio download and Tor download.

Google is aware of the practice and is working to fix the issue. However, it is still extremely widespread as noted by a statement sent to Ars Technica: We are aware of the recent uptick in fraudulent ad activity. Addressing it is a critical priority and we are working to resolve these incidents as quickly as possible.