Quick! You need to retrieve and install a piece of software. How do you do it? If you’re like most folks, you probably open a browser- oh who am I kidding, you open a new tab on the browser you already had open- type in the name of the software and click on the first viable link.
And that is exactly what the malware advertisers are hoping for. Better known by the portmanteau of malvertising, malware distributors have been finding new and interesting ways to infiltrate the Google Ads served up to the unsuspecting public. Spamhaus has discovered a surge of these ads based off a pseudo random collection of searches. One example cited by Ars Technica was a search for a Visual Studio download, which could be considered by some to be malware in its own right- 12GB for a standard install?!
The top ad shown went to “www[.]downloadstudio[.]net”, which attempted to deliver a malware package. Google does try to stay ahead of the latest techniques that malvertising uses to disguise the source of the download and the domains involved. It seems as though the malware syndicates have the upper hand for this round.
As always, you should ignore all Google Ads and verify the link before downloading any software. Better yet, try using a package manager like Chocolatey or Homebrew.