Security experts at Malwarebytes have discovered a malvertising campaign targeting IT administrators using ads for popular utilities like PuTTY and FileZilla.

The campaign distributes various types of malware, including RATs and infostealers, by tricking users into downloading fake versions of legitimate software.

Attackers use copycat websites and misleading ads on search engines to distribute Nitrogen malware, which can lead to data theft and ransomware deployment.

Despite efforts to alert Google, malicious ads continue to appear, employing fake domains and deceptive text to lure victims.

As a deceptive ploy, the campaign uses a 'Rickroll' video to redirect users when the setup is incomplete or detects undesirable traffic.

The malware employs DLL Sideloading within an executable file to load Nitrogen, complicating detection and removal.

The article emphasizes the growing concern over malvertising and the distribution of malware on Google's platforms, urging for more effective countermeasures.