Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

April 18, 2024 at 01:10AM A new malvertising campaign by Google uses multiple fake domains to distribute the backdoor “MadMxShell,” targeting users searching for IP scanning and IT management software. The Windows backdoor is distributed through JavaScript code and DLL side-loading, using DNS MX queries for command-and-control. The threat actor’s origins and motivations are currently … Read more