AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

Summary

Researchers at HUMAN have uncovered Pushpaganda, an AI-driven ad fraud scheme leveraging search engine poisoning and AI-generated content to inject deceptive news stories into Google Discover feeds. The campaign tricks users into enabling push notifications that deliver fake legal threats and scareware, redirecting them to ad-laden sites for illicit revenue generation. The threat has expanded from India to the U.S., Australia, Canada, South Africa, and the U.K., peaking at 240 million bid requests across 113 domains in seven days.

Full text

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud Ravie LakshmananApr 14, 2026Ad Fraud / Artificial Intelligence Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign, which has been found to target the personalized content feeds of Android and Chrome users, has been codenamed Pushpaganda by HUMAN's Satori Threat Intelligence and Research Team. "This operation, named for push notifications central to the scheme, generates invalid organic traffic from real mobile devices by tricking users into subscribing to enabling notifications that presented alarming messages," researchers Louisa Abel, Vikas Parthasarathy, João Santos, and Adam Sell said in a report shared with The Hacker News. At its peak, about 240 million bid requests have been associated with 113 domains linked to the campaign over a seven-day period. The threat, although observed targeting India, has since expanded to other regions like the U.S., Australia, Canada, South Africa, and the U.K. The findings demonstrate how threat actors abuse AI to hijack trusted discovery surfaces and turn them into delivery vehicles for scareware, deepfakes, and financial fraud, Gavin Reid, chief information security officer at HUMAN, said. Google has since rolled out a fix to address the spam issue. The entire scheme hinges on the scammers luring unsuspecting users through Google Discover to trick them into visiting misleading news stories filled with AI-generated content. Once a user lands on one of the actor-controlled domains, they are coerced into enabling push notifications that deliver fake legal threats and scams. Specifically, the scareware notifications, once clicked, redirect users to additional sites operated by the threat actors, generating organic traffic to ads embedded in those sites and enabling them to generate illicit revenue. This is not the first time threat actors have weaponized push notifications to redirect to sketchy websites. In September 2025, Infoblox shed light on a threat actor known as Vane Viper that has engaged in systematic push notification abuse to serve ads and facilitate ClickFix-style social engineering campaigns. "Malware-based threats involving push notifications, both for web and mobile platforms, aren't a novel threat, especially when you consider the way in which they create a sense or urgency," Lindsay Kaye, vice president of threat intelligence at HUMAN Security, told The Hacker News. "In many cases, users are quick to click, either to make them go away or to get more information, making them an effective tool in a malware author's arsenal." The disclosure also comes a little over a month after HUMAN identified a collection of more than 3,000 domains and 63 Android apps that it said constituted one of the largest ad fraud laundering marketplaces ever uncovered. Dubbed Low5 for its use of HTML5-based game and news sites, the operation has been found to monetize the domains as cashout sites for sophisticated fraud schemes, including BADBOX 2.0. "The operation peaked at roughly 2 billion bid requests a day and may have operated on as many as 40 million devices worldwide," the company said. "Apps associated with Low5 include code that instructs user devices to visit one of the domains connected with the scheme and click on ads found there." Cashout sites, also called ghost sites, are used to conduct content-driven fraud, where the attackers use bogus sites and apps to sell space to advertisers who may assume their ads will be viewed by humans. The Android apps in question have been removed from the Google Play Store. "A shared monetization layer spanning more than 3,000 domains allows multiple threat actors to plug into the same infrastructure, creating a distributed laundering system that increases threat resilience, complicates attribution, and enables rapid replication," HUMAN added. "A key takeaway from this research is that monetization infrastructure can survive even after a specific fraud campaign is shut down. If one malicious app or device network is removed, the same cashout domains can still be reused by other actors. Low5 reinforces the need for continuous, aggressive threat intelligence and detection expertise to hunt down cashout domains and flag them pre-bid." Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  ad fraud, Android, artificial intelligence, cybersecurity, Malware, Online Scam, Scareware, Search Engine Poisoning, Threat Intelligence Trending News Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS Block the Prompt, Not the Work: The End of "Doctor No" BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems AI Will Change Cybersecurity. Humans Will Define Its Success. A Lesson No Algorithm Can Teach The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority Popular Resources Learn How to Block Breached Passwords in Active Directory Before Attacks Get Full Visibility into Vendor and Internal Risk in One Platform [Guide] Get Practical Steps to Govern AI Agents with Runtime Controls Secure Your AI Systems Across the Full Lifecycle of Risks

Indicators of Compromise

• malware — Pushpaganda
• malware — Low5
• malware — BADBOX 2.0
• malware — Vane Viper

Entities