Google Suspends Account of Advertiser That Distributed Malware

By  |  March 28, 2025
 | 
Google ads, malware, DeekSeek

Google reportedly suspended the account of an advertiser that was placing sponsored Google ads that pretended to offer access to DeepSeek but actually delivered malware.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    The criminal’s ads that showed up as sponsored Google search results linked to a website that aimed to look like DeepSeek’s but was fake and delivered a Trojan to the devices of browsers who clicked on a download button, Malwarebytes said in a Wednesday (March 26) blog post.

    Compared to the real DeepSeek website, the post said, “It’s different from the real website, but it looks convincing, nonetheless.”

    A Google spokesperson told Dark Reading Thursday (March 27) that the company has addressed the fake DeepSeek ads.

    “Prior to the publication of this report, our systems detected this malware campaign and we suspended the advertiser’s account,” the spokesperson said, per the report. “We expressly prohibit ads that aim to distribute malware and immediately suspend advertisers who violate this policy.”

    This is the latest of several cyberthreats that have been reported in recent months.

    Advertisement: Scroll to Continue

    Cybersecurity company AppSOC said Feb. 11 that its research unearthed serious threats from DeepSeek’s artificial intelligence (AI) model and that the model was a “Pandora’s Box” of risks.

    AppSOC said its tests found that the DeepSeek model showed a 98.8% failure rate when asked to create malware, an 86.7% failure rate when asked to produce virus code and a 68% failure rate when prompted to generate “responses with toxic or harmful language, indicating poor safeguards.”

    In January, it was reported that Trend Micro found that cyberattackers were using Google and YouTube search results to target people seeking pirated/cracked software.

    For example, on YouTube, scammers were posing as “guides,” claiming to offer software installation tutorials but actually directing their victims to video descriptions or comment sections where they had included links to fake software downloads that led to malware.

    In November, it was reported that cybersecurity researchers uncovered a sophisticated malware campaign that used fake AI video generation software to steal sensitive data from Windows and Mac users.

    Security experts warned that the campaign employed stolen code-signing certificates and professional-looking websites, representing an emerging threat vector as organizations embrace AI content tools.


    Recommended

    20th Century Payments Are Crippling Modern Media’s Growth

    young woman with phone

    18% of Gen Z Turn to BNPL as Credit Plays a Smaller Role

    When AI Agents Go Shopping, Payments Shift to the Start of the Journey

    Economics Professor Says Big Tech Consolidation Drives Efficiency

    See More In: , , , , , , , , , ,