A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that has been online for almost a week and that impersonates Cisco’s brand and is displayed first when performing a Google search. The malware being used in this campaign is BatLoader, a type of loader that is very good at evading detection.

Note that Webex has not been compromised, this is a malicious campaign where threat actors are impersonating well-known brands to distribute malware.