This devious malware has jumped from Meta over to Google Ads and YouTube to spread – here’s how to stay safe

By Sead Fadilpašić

Copyright techradar

26 September 2025

Fake TradingView Premium ads are expanding

Malicious TradingView ads spread from Meta to YouTube via hijacked accounts and fake videos
Android users were targeted with Brokewell malware capable of stealing data and enabling remote access
YouTube campaign now drops Trojan.Agent.GOSL through custom downloader

If you remember the fake TradingView adware campaign recently spotted on Meta, there is bad news: experts have found it has now expanded through Google Ads to YouTube.

Security researchers at Bitdefender discovered a major malvertising campaign on Meta’s network after threat actors managed to compromise a Facebook Business account belonging to a design agency in Norway, using it to run at least 75 malicious ads that promoted a fake “TradingView Premium” app.
The fake app, specifically targeting Android users, delivered Brokewell, a piece of malware capable of capturing login credentials through overlay screens, as well as intercepting session cookies. It can also log a wide range of user actions, such as touches, swipes, and text inputs, and can grab information such as call logs, geolocation, audio calls, and more. Finally, the newer variants can serve as full-blown remote access trojans (RATs), giving attackers remote control over the device.

Stealing YouTube accounts
Now, almost a month later, the researchers found a legitimate YouTube account that was hijacked and rebranded to look almost identical to the real TradingView account. The crooks uploaded videos promoting the same fake platform, but kept them unlisted to avoid public scrutiny, being flagged and, ultimately, being taken down.

One such video garnered more than 180,000 views in just a few days, showing just how potent the malvertising campaign really is.
There is no way of knowing how many people actually fell for the trick and installed malware on their devices, but we do know that Brokewell is not the one being distributed via YouTube.
Instead, the campaign delivers a custom downloader that eventually drops Trojan.Agent.GOSL, also known as JSCEAL and WeevilProxy.

The best way to stay safe is to use common sense and to not trust ads offering premium versions of different tools for free.
Furthermore, users should check if the videos are unlisted, or lead to third-party download links. Software should only be downloaded from official sites, and suspicious ads should be reported to Google or YouTube.
TradingView is a globally recognized platform for tracking financial markets, making charts, and sharing trading ideas.
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
