Hackers Redirect Victims to Malicious Sites Using Google Maps

Cybersecurity experts from Sophos have discovered a new scam technique that tricks victims into visiting malicious websites by exploiting the URL sharing feature in Google Maps.

According to the researchers, the URL sharing function in Google Maps is unofficial and lacks mechanisms to block suspicious links, which scammers are taking advantage of. In the documented case, attackers used a URL created with the goo.gl service alongside a Google Maps address. Victims were redirected to a page with a Russian domain that displayed weight loss advertisements targeting English-speaking users.

How the Scam Works

This misuse of the Google Maps feature is possible due to an open redirect vulnerability affecting the maps.app.goo.gl service, as explained by the experts. Another advantage for scammers is that, unlike the goo.gl service, Google Maps does not collect analytics, and setting up a URL does not require using the Google console. Instead, the attacker can simply add the address of a malicious site to the end of the URL generated by Google Maps.