Another Fake Google Domain: fonts.googlesapi.com

Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye.

The malicious domain was abusing the URL shortener service is.gd: shortened URLs were being injected into the posts table of the client’s WordPress database.

Whenever the infected WordPress page loads, the actual content is obscured behind the is.gd shortener, which obtains content from the fake Google domain: fonts[.]googlesapi[.]com

Fake Google Domain Leveraged in Obfuscation Attempts

In terms of the registration date (2018-11-27), this domain is not that new.

Continue reading Another Fake Google Domain: fonts.googlesapi.com at Sucuri Blog.

Read more: Another Fake Google Domain: fonts.googlesapi.com

Story added 2. December 2019, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

2017 Antivirus News | Powered by WordPress | Fluxipress Theme | Show My IP Address, check blacklists | Free Favicon, Android and Apple Icon Generator | Bitcoin and Crypto Currency News