Last month, we reported Microsoft was investigating claims that some ads on Bing were redirecting users to malware. Security firm ThreatTrack Security Labs has once again discovered fraudulent ads on the search engine, after its Labs team identified numerous files named “Snapchat.exe.”
As before, we contacted Microsoft to let them know of the claims. “We appreciate you letting us know about the malware activity on Bing Ads,” a Microsoft spokesperson said in a statement. “We are investigating the claims of fraudulent ads and will take any and all appropriate action to help ensure our customers are protected.”
Last time, ThreatTrack found malware after clicking on ads on the search page that comes up when you type in the query “youtube.” The company noted, however, that the scammers could of course be targeting other keywords; we agreed – the more popular the keywords, the bigger the potential for infection.
Now ThreatTrack has found suspicious activity when searching for Snapchat on Bing. Notice the ad from videonechat(dot)com that comes up at the top:
We have confirmed this ad comes up for us as well when we query Bing. The website the ad links to is quite dodgy: it talks about installing Snapchat, while also listing the program as “Dorgem” in small letters.
ThreatTrack explains what happens if you install it (see the VirusTotal ranking for this threat):
The install offers up a number of ad serving programs, media players and additional software offered up with no relation to Snapchat whatsoever. During testing, we saw Realplayer, GreatArcadeHits, Optimizer Pro, Scorpion Saver and Word Overview. Legitimate programs being bundled with Adware is a common enough tactic, but this is an Optimum Installer bundle where a website serves as clickbait for a deliberately misrepresented app – you most definitely do not get what you’re promised in return for installing numerous pieces of ad-serving software.
Top Image Credit: George Crux