#badiis

[ follow ]
#uat-8099 #iis-servers #seo-fraud #china-linked #seo-poisoning #iis-malware #vietnam
Information security
fromThe Hacker News
1 day ago

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

China-linked UAT-8099 targeted vulnerable IIS servers across Asia, focusing on Thailand and Vietnam, using web shells, PowerShell, GotoHTTP, and BadIIS for persistent access.
fromThe Hacker News
4 months ago

BadIIS Malware Spreads via SEO Poisoning - Redirects Traffic, Plants Web Shells

Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker CL-UNK-1037, where "CL" stands for cluster and "UNK" refers to unknown motivation.
Information security
[ Load more ]