14 DAY TRIAL // Yesterday, numerous users reported their accounts were hacked and several anonymous advertising campaigns were started without their approval. More than that, the credit card information was changed, but the password remained unmodified. The affected members sustained the advertising campaigns started by the hackers redirect visitors to infected webpages that try to install several malware files. Although the company didn't confirm that more users were affected by the flaw, the AdWords members were still looking for a way to talk with Google's representatives. However, the company didn't remain unaffected by the flaw because the Google employees were investigating the issue and finally confirmed the problem today. According to a blog post, it wall started from a malicious file installed on the users' systems and which was able to steal the AdWords passwords.
"On Tuesday, April 24th, Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites. These sites attempted to install malware onto users' computers. This is an issue we've taken very seriously and will continue to monitor. We are also evaluating our systems to ensure that the appropriate measures are in place to block future attempts," the AdWords team described the issue.
The Mountain View-based company is encouraging users to keep their security utilities up-to-date and regularly run system scans. If you don't have a powerful antivirus solution, you can have one for free by installing Google Pack, a bundle of softwares that contains several security utilities. You're also advised to use more complex passwords and change them periodically, but I believe this tends to become an extreme protection.
"We feel a responsibility to protect the security and safety of our users and advertisers, and recognize that secure products are instrumental in maintaining your trust," the Google employees added. If Google doesn't know, the issue was first reported a few days ago so I guess some advertisers were really affected by the vulnerability. So, don't be afraid, Google protects you (or at least, it tries)...