Friday, May 9, 2025

the executive headlines

BATLOADER Malware Uses Google Ads for Ursnif and Vidar Stealer

BATLOADER, the malware downloader, has been seen abusing Google Ads to deliver secondary payloads such as Ursnif and Vidar Stealer. 

According to cybersecurity firm eSentire, the malicious ads are used to impersonate a wide array of legitimate apps and services such as Spotify, Zoom, Tableau, Adobe, and OpenAI's ChatGPT.

As the name suggests, BATLOADER is a loader that distributes next-stage malware such as banking malware, information stealers, Cobalt Strike, and even ransomware.

One of the malware's significant features is its use of software impersonation for delivery.

eSentire said, "BATLOADER continues to see changes and improvement since it first emerged in 2022. BATLOADER targets various popular applications for impersonation. This is no accident, as these applications are commonly found in business networks and thus, they would yield more valuable footholds for monetization via fraud or hands-on-keyboard intrusions."

This is accomplished by setting up lookalike websites that host Windows installer files masquerading as legitimate apps. The infection sequence is triggered when a user searching for the software clicks a rogue ad on Google's search results page.

These MSI installer files, when launched, execute Python scripts that contain the BATLOADER payload, which retrieves the next-stage malware from a remote server.

This modus operandi marks a slight shift from the earlier attack chains seen in December 2022, when the MSI installer files were used to run PowerShell scripts to download the stealer malware.

eSentire's analysis of other malware samples revealed added capabilities that enable the malware to establish entrenched access to enterprise networks.
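
For defenders, both chains described above (an MSI installer launching Python scripts, and earlier PowerShell scripts) share one observable trait: a script interpreter running with msiexec.exe somewhere in its process ancestry. The following hunt is an added example, not code from the article or from eSentire; the event schema (`pid`, `ppid`, `image`, `cmdline`), the interpreter file names, and the sample events are assumptions constructed for illustration.

```python
import ntpath

# Interpreters the article names as MSI-launched stages: Python in the current
# chain, PowerShell in the December 2022 chain. File names are assumptions.
INTERPRETERS = {"python.exe", "pythonw.exe", "powershell.exe"}
INSTALLER = "msiexec.exe"

def find_msi_script_launches(events):
    """Return interpreter launches that have msiexec.exe as an ancestor."""
    # Assumes PIDs are unique within the batch of events being analyzed.
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if ntpath.basename(e["image"]).lower() not in INTERPRETERS:
            continue
        # Walk up the parent chain; `seen` guards against PID-reuse loops.
        seen, parent = set(), by_pid.get(e["ppid"])
        while parent and parent["pid"] not in seen:
            seen.add(parent["pid"])
            if ntpath.basename(parent["image"]).lower() == INSTALLER:
                hits.append(e)
                break
            parent = by_pid.get(parent["ppid"])
    return hits

# Constructed process-creation events (hypothetical schema and paths).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe",
     "cmdline": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r'msiexec /i "C:\Users\a\Downloads\setup.msi"'},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd /c run.bat"},
    # Interpreter two levels below the installer: flagged.
    {"pid": 220, "ppid": 210, "image": r"C:\Users\a\AppData\Local\Temp\py\python.exe",
     "cmdline": "python.exe main.py"},
    # Interpreter started by the user from the shell: not flagged.
    {"pid": 300, "ppid": 100, "image": r"C:\Python311\python.exe",
     "cmdline": "python.exe report.py"},
    # PowerShell started directly by the installer: flagged.
    {"pid": 400, "ppid": 200,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell -File s.ps1"},
]

if __name__ == "__main__":
    for hit in find_msi_script_launches(SAMPLE_EVENTS):
        print(hit["pid"], hit["image"], hit["cmdline"])
```

Some legitimate installers also run scripts during setup, so hits are leads to triage against the installer's source and signature rather than verdicts.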
