Jérôme Segura
@jeromesegura.com
Security researcher with a special interest for web threats.
Also, this seems like a small feature but much appreciated:
April 30, 2025 at 4:24 AM
Also, this seems like a small feature but much appreciated:
April 12, 2025 at 3:46 AM
If you manage #wordpress sites using #managewp, watch out for this #phishing campaign via #googleads.
-> menagewp[.]com (ad URL and redirect)
-> orion[.]manaqewp[.]com (phishing page)
-> menagewp[.]com (ad URL and redirect)
-> orion[.]manaqewp[.]com (phishing page)
March 24, 2025 at 10:36 PM
If you manage #wordpress sites using #managewp, watch out for this #phishing campaign via #googleads.
-> menagewp[.]com (ad URL and redirect)
-> orion[.]manaqewp[.]com (phishing page)
-> menagewp[.]com (ad URL and redirect)
-> orion[.]manaqewp[.]com (phishing page)
Scammers are happily abusing multiple platforms at once thanks to lack of controls.
Who's going to protect users here? Google? Facebook?
Who's going to protect users here? Google? Facebook?
March 11, 2025 at 5:50 PM
Scammers are happily abusing multiple platforms at once thanks to lack of controls.
Who's going to protect users here? Google? Facebook?
Who's going to protect users here? Google? Facebook?
PayPal’s “no-code checkout” abused by scammers
www.malwarebytes.com/blog/scams/2...
#malvertising #techsupportscams
www.malwarebytes.com/blog/scams/2...
#malvertising #techsupportscams
February 28, 2025 at 2:45 AM
PayPal’s “no-code checkout” abused by scammers
www.malwarebytes.com/blog/scams/2...
#malvertising #techsupportscams
www.malwarebytes.com/blog/scams/2...
#malvertising #techsupportscams
SecTopRAT bundled in Chrome installer distributed via Google Ads
📖
www.malwarebytes.com/blog/news/20...
⚠️
sites[.]google[.]com/view/gfbtechd/
chrome[.]browser[.]com[.]de/GoogleChrome.exe
#malvertising #SecTopRAT
📖
www.malwarebytes.com/blog/news/20...
⚠️
sites[.]google[.]com/view/gfbtechd/
chrome[.]browser[.]com[.]de/GoogleChrome.exe
#malvertising #SecTopRAT
February 20, 2025 at 9:51 PM
SecTopRAT bundled in Chrome installer distributed via Google Ads
📖
www.malwarebytes.com/blog/news/20...
⚠️
sites[.]google[.]com/view/gfbtechd/
chrome[.]browser[.]com[.]de/GoogleChrome.exe
#malvertising #SecTopRAT
📖
www.malwarebytes.com/blog/news/20...
⚠️
sites[.]google[.]com/view/gfbtechd/
chrome[.]browser[.]com[.]de/GoogleChrome.exe
#malvertising #SecTopRAT
If you are a developer and use #homebrew, beware of this fraudulent ad on Google.
⚠️
Fake site: brewsh[.]org
Malicious curl command: hxxps[://]raw[.]brewsh[.]org/Homebrew/install/HEAD/install[.]sh
Atomic Stealer (AMOS): www.virustotal.com/gui/file/389...
⚠️
#malvertising #atomicstealer
⚠️
Fake site: brewsh[.]org
Malicious curl command: hxxps[://]raw[.]brewsh[.]org/Homebrew/install/HEAD/install[.]sh
Atomic Stealer (AMOS): www.virustotal.com/gui/file/389...
⚠️
#malvertising #atomicstealer
February 8, 2025 at 3:26 AM
If you are a developer and use #homebrew, beware of this fraudulent ad on Google.
⚠️
Fake site: brewsh[.]org
Malicious curl command: hxxps[://]raw[.]brewsh[.]org/Homebrew/install/HEAD/install[.]sh
Atomic Stealer (AMOS): www.virustotal.com/gui/file/389...
⚠️
#malvertising #atomicstealer
⚠️
Fake site: brewsh[.]org
Malicious curl command: hxxps[://]raw[.]brewsh[.]org/Homebrew/install/HEAD/install[.]sh
Atomic Stealer (AMOS): www.virustotal.com/gui/file/389...
⚠️
#malvertising #atomicstealer
December 28, 2024 at 12:20 AM
December 27, 2024 at 10:47 PM
Malicious Google ad for #Freecad
⚠️
freecad3dmodeling[.]com
freecad3d-download[.]com
hxxps[://]3d-digitals[.]org/downloads/guthub/FreeCAD_Setup_2[.]0[.]74_win_x64[.]zip
#malvertising
⚠️
freecad3dmodeling[.]com
freecad3d-download[.]com
hxxps[://]3d-digitals[.]org/downloads/guthub/FreeCAD_Setup_2[.]0[.]74_win_x64[.]zip
#malvertising
December 22, 2024 at 12:43 AM
Malicious Google ad for #Freecad
⚠️
freecad3dmodeling[.]com
freecad3d-download[.]com
hxxps[://]3d-digitals[.]org/downloads/guthub/FreeCAD_Setup_2[.]0[.]74_win_x64[.]zip
#malvertising
⚠️
freecad3dmodeling[.]com
freecad3d-download[.]com
hxxps[://]3d-digitals[.]org/downloads/guthub/FreeCAD_Setup_2[.]0[.]74_win_x64[.]zip
#malvertising
December 19, 2024 at 10:35 PM
December 18, 2024 at 8:36 PM
December 18, 2024 at 8:34 PM
December 17, 2024 at 6:09 PM
December 17, 2024 at 6:07 PM
December 17, 2024 at 5:01 PM
December 16, 2024 at 11:11 PM
Malicious Google ad for Malwarebytes
⚠️
hxxps[://]sites[.]google[.]com/view/dexters-antivirus/home
#malvertising
⚠️
hxxps[://]sites[.]google[.]com/view/dexters-antivirus/home
#malvertising
December 16, 2024 at 5:55 PM
Malicious Google ad for Malwarebytes
⚠️
hxxps[://]sites[.]google[.]com/view/dexters-antivirus/home
#malvertising
⚠️
hxxps[://]sites[.]google[.]com/view/dexters-antivirus/home
#malvertising
Malicious Google ad for New York Life
⚠️
alicehotels[.]com[.]ng
eddutvolkinang[.]com/online/
#malvertising #phishing
⚠️
alicehotels[.]com[.]ng
eddutvolkinang[.]com/online/
#malvertising #phishing
December 16, 2024 at 5:16 PM
Malicious Google ad for New York Life
⚠️
alicehotels[.]com[.]ng
eddutvolkinang[.]com/online/
#malvertising #phishing
⚠️
alicehotels[.]com[.]ng
eddutvolkinang[.]com/online/
#malvertising #phishing
December 16, 2024 at 4:24 AM
December 13, 2024 at 11:34 PM
December 13, 2024 at 9:36 PM
December 13, 2024 at 7:27 PM
Malicious Google ad for PayPal
⚠️
https[:]//sites[.]google.com/view/pay-pal-helpcustomerservic/
#malvertising
⚠️
https[:]//sites[.]google.com/view/pay-pal-helpcustomerservic/
#malvertising
December 13, 2024 at 7:10 PM
Malicious Google ad for PayPal
⚠️
https[:]//sites[.]google.com/view/pay-pal-helpcustomerservic/
#malvertising
⚠️
https[:]//sites[.]google.com/view/pay-pal-helpcustomerservic/
#malvertising
Malicious Google ad for Microsoft
⚠️
hxxps[://]sites[.]google[.]com/view/micrlochus1011/home
#malvertising
⚠️
hxxps[://]sites[.]google[.]com/view/micrlochus1011/home
#malvertising
December 12, 2024 at 9:49 PM
Malicious Google ad for Microsoft
⚠️
hxxps[://]sites[.]google[.]com/view/micrlochus1011/home
#malvertising
⚠️
hxxps[://]sites[.]google[.]com/view/micrlochus1011/home
#malvertising