That ChatGPT Google ad may be hiding some nasty malware

If you stumble upon a Google ad promoting a website where you can download well-known or made-up software, be very careful, as it may well be part of a malvertising campaign.

RomCom is a backdoor malware that can do all sorts of nasties: running cmd.exe, dropping more malicious payloads on the target endpoint, exfiltrating data from the compromised devices, running AnyDesk in a hidden window, compressing folders and sending them to hacker-owned servers, and setting up a proxy via SSH.