Overlay Malware Revealed on Google AdSense

18 Aug
Industry, News, Partners

Sipping on your first-morning coffee, and checking the news on your Android, seems pretty harmless right? Wrong. The latest strand of malware can hit any site that uses Google AdSense … and unfortunately that’s a lot of them.

The malware was discovered by Kaspersky Labs, who have identified it as part of the Svpeng family of banking Trojans. According to Kaspersky, “After being installed and launched, it disappears from the list of installed apps and requests the device’s admin rights.” The malware will then begin to steal users’ credentials through fake login screens, as well as take over their text messaging – intercepting, deleting and even sending out texts.


Login screens are getting harder and harder to spot, as attackers are getting better at ensuring the branding is pretty spot on.

Kaspersky determined that the malware was being downloaded through the Google AdSense advertising network. “Be warned, lots of sites use this network – not just news sites – to display targeted advertising to users. Site owners are happy to place advertising like this because they earn money every time a user clicks on it. But anyone can register their ad on this network – they just need to pay a fee.”

In an email to Fast Company, Google maintains that the issue has been resolved, and the malware only ever affected one site. However, if we have learned anything in the history of Information Security – where there is one attack, there is likely to be others. Malvertising and phishing style SMS attacks are only growing in popularity. Cybercriminals are getting smarter too, and their ability to exploit ad networks, even though the world’s most known search engine, is troubling and definitely a cause for concern.


If you are looking for better ways to protect yourself and your company from malware, then you should come check out our Unbelievable Tour in Toronto, with our NextGen Antivirus Partner, Cylance.  We want you to #BYOM (Bring Your Own Malware) to try to stump the CylancePROTECT.

Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.

You can find Secure Sense on Facebook,  LinkedIn and Twitter. Follow us for current company and industry news.