HomeWinBuzzer NewsMalware Spread via Google Search and Microsoft Azure Targets Public Figures

Malware Spread via Google Search and Microsoft Azure Targets Public Figures

The campaign targets Android users with fake celebrity news notifications and redirects them to malicious websites.

-

A sophisticated disinformation effort has employed Microsoft Azure and Google Search services to propagate malware and false narratives. According to Bleeping Computer, the operation uses numerous Azure and OVH cloud subdomains and manipulates Google Search notifications to lead users to harmful websites.

Manipulated Search Results Trigger Notifications

Android users have been receiving alerts about updates on topics they had previously searched, such as celebrities. When these notifications are clicked, they redirect users to scam websites masquerading as news articles. For example, a notification regarding Harry Connick, Jr. directed users to multiple sites falsely reporting that he had a stroke. Google’s algorithms, detecting the same topic on various sites, likely flagged it as relevant, leading to notifications for those who had previously searched for Connick.

While these articles appear to discuss celebrity news, their real purpose is to redirect users to sites distributing malware, spam, and fake software. An instance involved a link, hosted on Microsoft’s Azure blob storage, redirecting users to a dubious domain pushing a fraudulent Chrome extension. Other domains have been observed distributing fake virus alerts and counterfeit software downloads. These malicious websites often contain ad-serving scripts and complex JavaScript designed to enhance their deception.

Multiple Public Figures Targeted

The campaign hasn’t limited its scope. Public figures targeted include Bill Paxton, Carol Burnett, Eminem, Tom Hardy, Randy Travis, Sinbad, Kim Porter, and Megan Fox. The malicious articles claim these celebrities have experienced strokes or other health emergencies or state that no official confirmation exists, aiming to redirect unsuspecting visitors to malware-laden sites.

BleepingComputer has identified multiple URLs linked to this campaign, hosted on infrastructures like Azure and OVH. Caution is advised for users encountering search results making bold, unverified claims about celebrities, especially if the information has not been confirmed by reputable news sources.

Last Updated on November 7, 2024 3:15 pm CET

Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x
Mastodon