Malvertisers Using Google Ads to Target Users Searching for Popular Software

A new malvertising campaign utilizing Google Ads targets users searching for Notepad++ and PDF converters, showing them fake ads that redirect them to a replica site of the software. If a user is deemed a target, the malware fingerprints the system. Targets are provided a unique ID and the final-stage malware establishes a connection remotely to distribute additional malware. This is an evolution in malvertising, showing a combination of evasion techniques and decoy pages.