New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
The Hacker News | #1 Trusted Source for Cybersecurity News [Uno…
June 22, 2026
Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER.
According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidence indicates that the threat actor is likely Russian-speaking and financially motivated, owing to the
Discussion in the ATmosphere