Tech »  Topic »  Hackers are using Google.com to deliver malware by bypassing antivirus software. Here's how to stay safe

Hackers are using Google.com to deliver malware by bypassing antivirus software. Here's how to stay safe

11 hours ago   techradar.com
  • Attackers use real Google URLs to sneak malware past antivirus and into your browser undetected
  • This malware only activates during checkout, making it a silent threat to online payments
  • The script opens a WebSocket connection for live control, completely invisible to the average user

A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses.

A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect.

It appears to originate from a legitimate OAuth-related URL, but covertly executes a malicious payload with full access to the user's browser session.

Malware hidden in plain sight

The attack begins with a script embedded in a compromised Magento-based ecommerce site which references a seemingly harmless Google OAuth logout URL: https://accounts.google.com/o/oauth2/revoke ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE