The SteelClover Group is Spreading Malware via Google Ads in Japan

Threat Advisories

The SteelClover Group is Spreading Malware via Google Ads in Japan

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here

Summary

SteelClover is a malicious attack group that has been active since 2019 and has been observed to conduct various attacks for financial gain. SteelClover recently saw a rise in malware downloading incidents through Google Ads at Japanese companies. It is responsible for the Malsmoke campaign, which uses malware such as Batloader. The group is known for information theft and has been linked to eventual ransomware execution.