A newly uncovered cybercrime service is giving threat actors a sophisticated toolkit to run malicious Google advertising campaigns — and to systematically evade the search giant’s own screening processes. The platform, known as “Ads Ninja,” represents a troubling escalation in the cat-and-mouse game between cybercriminals and the technology companies trying to keep their advertising platforms clean.
According to reporting by TechRadar, the service was discovered by cybersecurity researchers at Threat Fabric, who found it being marketed in underground forums as a turnkey solution for running so-called “malvertising” campaigns at scale. The platform provides everything a criminal operator needs: compromised Google Ads accounts, cloaking mechanisms to hide malicious content from Google’s automated reviewers, and infrastructure to redirect unsuspecting users to phishing pages or malware downloads.
A Full-Service Criminal Operation Built for Scale
What makes Ads Ninja particularly alarming to security professionals is its business model. Rather than requiring would-be attackers to assemble their own technical infrastructure — acquiring stolen ad accounts, building cloaking services, and setting up malicious landing pages — the platform bundles all of these capabilities into a single, subscription-based offering. This dramatically lowers the barrier to entry for malvertising, allowing even relatively unsophisticated criminals to launch campaigns that can reach millions of Google users.
The platform operates on a service model that mirrors legitimate software-as-a-service businesses. Customers can purchase access to verified Google Ads accounts that have already passed Google’s initial screening checks. These accounts are typically stolen from legitimate advertisers or created using stolen identities, giving them an established history that helps them avoid immediate suspicion. The service also provides ongoing technical support, helping operators troubleshoot campaigns and adjust their tactics when Google’s systems begin to flag suspicious activity.
How Cloaking Technology Defeats Google’s Defenses
The centerpiece of the Ads Ninja platform is its cloaking technology. Cloaking is a technique in which a website or advertisement shows different content depending on who is viewing it. When Google’s automated crawlers or human reviewers visit a page associated with a malicious ad, the cloaking system detects the visit and serves up benign, policy-compliant content. But when an ordinary user clicks the same ad, they are redirected to a phishing site, a fake software download page, or another malicious destination.
This technique is not new — cloaking has been used in various forms for years — but Ads Ninja appears to have refined it to a degree that makes detection significantly more difficult. The platform reportedly uses multiple layers of fingerprinting to identify Google’s review systems, including analysis of IP addresses, browser characteristics, geographic location, and behavioral patterns. By combining these signals, the cloaking system can distinguish between a Google reviewer and a genuine target with high accuracy, according to the Threat Fabric research cited by TechRadar.
The Growing Malvertising Threat to Enterprise and Consumer Security
The emergence of Ads Ninja comes at a time when malvertising has become one of the most significant vectors for distributing malware and conducting phishing operations. Google processes billions of ad impressions daily, and despite the company’s significant investments in automated detection and policy enforcement, malicious ads continue to slip through. In its most recent ads safety report, Google said it blocked or removed billions of ads in 2023 for policy violations, but security researchers have consistently noted that enforcement remains imperfect.
The consequences for users who encounter malvertising can be severe. In recent months, security firms have documented campaigns in which malicious Google ads were used to distribute information-stealing malware such as Raccoon Stealer, Vidar, and IcedID. These campaigns often target users searching for popular software downloads — impersonating brands like Slack, Zoom, Notion, and various VPN providers. When a user clicks on what appears to be a legitimate sponsored search result, they are taken to a convincing replica of the software’s official website and prompted to download a trojanized installer.
Why Stolen Ad Accounts Are the Currency of the Underground
One of the most critical components of the Ads Ninja offering is its supply of compromised Google Ads accounts. Fresh, stolen accounts with established spending histories are highly valued in criminal marketplaces because they are far less likely to trigger Google’s fraud detection systems than newly created accounts. An account that has been running legitimate campaigns for months or years carries an implicit trust score within Google’s platform, making it an ideal vehicle for launching malicious ads that will initially pass review.
The theft of these accounts is itself a thriving criminal enterprise. Attackers use phishing, credential stuffing, and infostealer malware to gain access to advertisers’ Google accounts. Once compromised, the accounts can be sold on underground forums or funneled directly into platforms like Ads Ninja. For the legitimate businesses whose accounts are hijacked, the consequences extend beyond the immediate security breach — they may face financial losses from unauthorized ad spending, reputational damage if their brand is associated with malicious content, and potential suspension of their advertising privileges by Google.
Google’s Enforcement Challenge and Industry Response
Google has repeatedly stated that it takes the abuse of its advertising platform seriously and invests heavily in both automated and human review processes. The company employs machine learning models to scan ads and landing pages for policy violations, and it maintains teams of human reviewers who investigate flagged content. However, the scale of the problem is enormous. With millions of advertisers and billions of ads served daily, even a small percentage of malicious ads slipping through represents a significant volume of harmful content reaching users.
Security researchers have pointed out that the arms race between platforms like Ads Ninja and Google’s detection systems is inherently asymmetric. The attackers need only find ways to evade detection for long enough to run a profitable campaign — often just hours or days — while Google must maintain continuous, comprehensive coverage across its entire advertising network. Each time Google updates its detection methods, criminal service providers like Ads Ninja can study the changes and adapt their cloaking and evasion techniques accordingly.
The Broader Implications for Digital Advertising Trust
The professionalization of malvertising through platforms like Ads Ninja raises fundamental questions about the trustworthiness of paid search results and display advertising. For years, users have been trained to be cautious about clicking on unfamiliar links in emails or on social media, but many still implicitly trust Google search results — particularly sponsored results that appear at the top of the page. The existence of sophisticated, service-oriented criminal platforms dedicated to exploiting that trust suggests that user education alone is insufficient as a defense.
Enterprise security teams are increasingly recognizing malvertising as a threat that requires dedicated attention. Some organizations have begun implementing browser-level protections that block or flag sponsored search results, while others are incorporating malvertising awareness into their security training programs. Endpoint detection and response tools are also being tuned to identify the specific malware families commonly distributed through malicious ads, though this represents a reactive rather than preventive approach.
What Comes Next in the Fight Against Malvertising-as-a-Service
The discovery of Ads Ninja by Threat Fabric researchers underscores a broader trend in cybercrime: the industrialization of attack capabilities through as-a-service models. Just as ransomware-as-a-service platforms have enabled a proliferation of ransomware attacks by actors who lack the technical skill to develop their own tools, malvertising-as-a-service platforms threaten to dramatically increase the volume and sophistication of malicious advertising campaigns.
For Google and other major advertising platforms, the challenge is clear. Incremental improvements to existing detection systems may not be sufficient to counter the threat posed by dedicated criminal service providers that can iterate rapidly on their evasion techniques. More fundamental changes — such as stricter identity verification for advertisers, enhanced real-time monitoring of ad destinations after initial approval, and deeper collaboration with the cybersecurity research community — may be necessary to meaningfully reduce the effectiveness of platforms like Ads Ninja. Until then, the underground market for malvertising tools is likely to continue growing, fueled by the enormous reach and implicit trust that Google’s advertising platform provides to anyone who can pay for access.