Azure and Google domains hacked to spread disinformation

security
(Image credit: Shutterstock / Askobol)

Cybercriminals have found a new and creative way to push unwanted advertising, malware, and spam, onto netizens, employing Google, Azure, OVH, and other similar services, along with abusing legitimate features designed to improve the user experience.

Researchers from BleepingComputer reported the campaign begins with countless websites hosted on cloud services like Microsoft Azure blob storage and OVH. These websites are then filled with misinformation, “rumors”, and fake news, usually about different celebrities (although the topic list is probably a lot wider).

Once there is enough content about a specific person, across the internet, Google picks up on it. It then puts it into its "new info related to..." feature, and pushes it towards regular internet users.

For those unfamiliar with “new info related to…” - it’s a feature that notifies users when new information emerges, regarding something they previously searched for. So, for example, if a person searched for, and read up on, Tom Hardy, once new articles are published, the person will be notified - regardless of the fact that the information is fake and coming from dubious sources. The push notification will be shown on their smartphones.

But pushing fake news about celebrities is hardly damaging. Instead, the crooks fill the websites with malvertising, promoting suspicious Chrome extensions, redirecting people to untrustworthy websites, and more. In some of the examples seen by BleepingComputer’s reporters, the sites were running ads promoting fake antivirus programs, too.

How Google responds to this remains to be seen, but if previous activity is any indication, it’s bound to make changes. This is not the first Google service to be abused for malware and adware distribution, and in every instance so far, Google swiftly reacted. Until that happens, netizens should exercise caution when going about the internet, even when they interact with their favorite, usually trustworthy services.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.