The SteelClover Group is Spreading Malware via Google Ads in Japan
The SteelClover Group is Spreading Malware via Google Ads in Japan
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
SteelClover is a malicious attack group that has been active since 2019 and has been observed to conduct various attacks for financial gain. SteelClover recently saw a rise in malware downloading incidents through Google Ads at Japanese companies. It is responsible for the Malsmoke campaign, which uses malware such as Batloader. The group is known for information theft and has been linked to eventual ransomware execution.