1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Hackers hijack Google Ads to spread phishing campaign spoofing to

    From TechnologyDaily@1337:1/100 to All on Thursday, May 07, 2026 12:45:26
    Hackers hijack Google Ads to spread phishing campaign spoofing top GoDaddy tool

    Date:
    Thu, 07 May 2026 11:35:00 +0000

    Description:
    A fake ManageWP site is being advertised on Google, leading to credential theft.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Cybercriminals are abusing Google Ads to lure ManageWP users to fake login pages The phishing flow captures credentials and 2FA codes, relaying them to attackercontrolled Telegram accounts Researchers found a custom Russianlanguage phishing framework, with at least 200 confirmed victims so far Cybercriminals are targeting ManageWP users through a series of malicious Google Ads sponsored search results, security researchers have claimed.

    ManageWP is GoDaddys cloud-based service that lets users manage multiple WordPress sites from a single dashboard. Its users include web developers, agencies running multiple websites for their clients, and enterprises needing more than one site for their business. According to data on WordPress.org, ManageWPs plugin is installed on more than a million active websites.
    Security researchers from Guardio Labs said they found a fake landing page designed to trick users into sharing not just their login credentials, but
    2FA codes, as well. The miscreants managed to advertise the page on Google,
    so whenever someone searches for ManageWP (or, presumably, similar services too), they are shown a dangerous result at the very top. You may like This
    new cybercrime platform lets hackers run malicious Google Ads and hide from Google's screening process Watch out - that Google Tasks email could be a scam, and land you in hot water at work Hackers hijack WordPress sites to spread malware using fake CAPTCHA Latest Videos From Russian threat actors? Those who dont spot the scam (by analyzing the URL theyre being redirected
    to) are shown a site that looks almost identical to the legitimate one, and
    if they log in - their credentials are relayed into a controller-owned Telegram account.

    Guardio Labs also said they were able to access the threat actors command-and-control (C2) infrastructure, seeing a dropdown menu that allows for an interactive, modular phishing flow. However, the platform doesnt seem to be a part of a commodity kit - the researchers believe this is a private phishing framework.

    The researchers did not attribute the attack, or the platform, to any
    specific threat actor, but they did find something curious. The platform contains a user agreement, written in Russian, in which the creator rejects any responsibility for illegal conduct and states that the platform is built for educational and research use only.

    The terms of service also prohibit the platform to be used against Russians, and the generated data to be publicly leaked. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    At the time of writing, at least 200 victims have been confirmed. All of them have been warned about the attack.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-hijack-google-ads-to-spread-phi shing-campaign-spoofing-top-godaddy-tool


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)