Cybersecurity experts have identified a malware campaign distributing fake software like PuTTY and WinSCP through counterfeit websites. These sites use advanced SEO techniques to rank highly in search results, deceiving users into downloading malware disguised as legitimate applications. The malicious downloads contain a loader called Oyster, which installs a backdoor on the device and executes commands without user awareness. This campaign primarily targets small and mid-sized businesses, posing significant threats to their cybersecurity.
A major cyberattack is targeting small and mid-sized businesses using SEO poisoning to push malware disguised as popular tools like ChatGPT, Zoom, PuTTY, and Microsoft Office apps. Fake sites rank high in Google for AI/software keywords.
The attackers behind this campaign have created highly convincing counterfeit landing pages that resemble the official PuTTY and WinSCP sites. These fake sites rank high on Google, making it easy for unsuspecting users to click and download apparent legitimate software.
The downloads contain a hidden malware loader called Oyster, which installs a backdoor on the victim's system. Oyster malware is designed to be stealthy and persistent.
A major SEO poisoning campaign is targeting 8,500+ SMB users with malware disguised as popular AI and business tools. Fake sites appear in search results, tricking users into downloading trojanized apps.
Collection
[
|
...
]