A recent malvertising campaign has targeted Slack users by leveraging Google’s ad platform. The attackers created a fake ad that initially appeared legitimate, redirecting users to Slack’s official site. However, after days of inactivity, the ad began directing users to a fraudulent website designed to mimic Slack and deliver malware.
This campaign demonstrates the patience and sophistication of modern threat actors. They used cloaking techniques and multiple redirections to avoid detection, ultimately delivering a remote access Trojan. The cybersecurity community must remain vigilant, as attackers continue to exploit platforms like Google Ads to reach their targets.