Google Adwords Falls Victim to Cyber Criminals - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity

Google Adwords Falls Victim to Cyber Criminals

Exploit Prevention Labs has uncovered hard evidence that cybercriminals are using Google AdWords to infect unsuspecting users with malware

ATLANTA -- Researchers at security software developer Exploit Prevention Labs ( have uncovered hard evidence that cybercriminals are using Google AdWords to infect unsuspecting users with malware. Under the guise of ads for legitimate, trusted organizations like The Better Business Bureau (see screen shot at ), unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware.

Roger Thompson, Exploit Prevention Labs' CTO, reported his findings yesterday on his blog at

Exploit Prevention Labs first learned of this new attack vector April 10 when a user of the company's LinkScanner Pro safe surfing software ran a Google search on the phrase "how to start a business." The top-ranked sponsored search listing appeared to be from, a legitimate business, yet the hyperlink actually led to a site that attempted to install a password--stealing keylogger on the user's PC. LinkScanner Pro blocked the threat and automatically reported the discovery back to Exploit Prevention Labs researchers, who launched an immediate investigation.

Thompson's team discovered that, on April 2 or 3, a known-bad organization registered the domain name By April 10, the organization had opened a Google AdWords account and purchased campaigns for various search terms. Although each of the ads displayed a trusted hyperlink, clicking on the link redirected the user to before sending them on to their intended destination.

Although Google has terminated this particular offending account, the discovery highlights problems facing all sponsored search vendors - how to determine the legitimacy of any individual advertiser, and how to determine whether a redirected link is being used legitimately.

Exploit Prevention Labs

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll