NetDefend IPS
IPS Advisories
NetDefend
Anti-Virus
Anti-Virus Advisories
NetDefend Web Content Filtering
NetDefend IP Reputation
NetDefend Update Center
IPS History
Oct 17, 2024
Oct 09, 2024
Oct 04, 2024
Oct 03, 2024
Sep 25, 2024
Anti-Virus History
Feb 12, 2022
Jan 06, 2022
Oct 23, 2021
Aug 29, 2021
Aug 23, 2021







Home > NetDefend Live > NetDefend IPS Service
NetDefend IPS Service
Print
Advisory ID
48814
Name
Malware.Google.Ad.Leads.To.Fake.7-Zip.Page.A
IPS Signature
Advanced IPS Signature
IPS Group
IPS / ANTIVIRUS / CLAMAV
Issued
Oct 17, 2024
Description
A malicious Google ad directed users to a fake 7-zip website, tricking them into downloading a malware-laced installer. This installer, while appearing legitimate, leverages NSudo and Gpg4win to escalate privileges and decrypt further malicious payloads from Bitbucket. The infection then deploys Redline Stealer, Gozi (ISFB/Ursnif), and GongShell, enabling extensive data theft and potential follow-on attacks, including a possible Cobalt Strike deployment.
Enter your details in the box below to receive an email each time we post a new issue of our newsletter.







Dec 01, 2024