Google Surfaces Malware-Laden Fake CPU-Z Installer in Search Results

siteadmin November 10, 2023

A malvertising campaign has duped Google search users into downloading a malicious version of the system tool CPU-Z that contains the RedLine info-stealing malware. The ads are digitally signed and contain a harmful PowerShell script, making them harder to detect. The scam, running since November 2, targets users via a website hosted by Namecheap and PQ Hosting, although this may have since changed. Similar campaigns using Notepad++ have been traced back to 2021. RedLine Stealer was first identified in March 2020. Challenges around Google’s ad policies and web hosting still need to be overcome.