Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead.
Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER.
“The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, which redirects the