Pushpaganda Operation Exploits Google Discover with AI-Generated Scams

Severity: High (Score: 68.0)

Sources: Pymnts, www.humansecurity.com, Gbhackers, Cybersecuritynews

Summary

A new cyber operation named Pushpaganda is exploiting Google Discover to deliver malicious notifications to users globally. Attackers have created approximately 113 fake domains filled with AI-generated articles designed to manipulate users into allowing persistent browser notifications. This operation has been observed generating 240 million bid requests in a single week, affecting users in countries including India, the U.S., Australia, Canada, South Africa, and the U.K. The attack leverages sensationalist headlines to attract clicks, enabling the delivery of scareware, fake legal threats, and financial scams through notifications. Google has confirmed that it has deployed a fix after being alerted by HUMAN Security, but the operation had already reached significant scale before enforcement. The AI-generated content used in this scheme is difficult to distinguish from legitimate articles, complicating detection efforts. As a result, users are exposed to various scams, including impersonated calls and false alerts. Key Points: • Pushpaganda uses AI-generated content to exploit Google Discover for malicious purposes. • The operation has generated 240 million bid requests in one week, affecting multiple countries. • Google has implemented a fix, but the attack had already reached a large scale before detection.

Key Entities

• Malware (attack_type)
• Phishing (attack_type)
• Pushpaganda (campaign)
• Google (company)
• Australia (country)
• Canada (country)
• India (country)
• South Africa (country)
• Android (platform)
• Google Discover (platform)
• Chrome (tool)