Tech »  Topic »  Hackers Manipulate Search Results to Target IT Pros with Trojanized PuTTY and WinSCP

Hackers Manipulate Search Results to Target IT Pros with Trojanized PuTTY and WinSCP

1 week, 2 days ago   gbhackers

Arctic Wolf has uncovered a cunning cybersecurity threat that exploits search engine optimization (SEO) poisoning and malvertising tactics to distribute Trojanized versions of widely used IT tools such as PuTTY and WinSCP.

This campaign cunningly targets IT professionals and system administrators, individuals who frequently rely on these tools for secure file transfers and remote system management.

Malvertising Campaign Unveiled

By manipulating search engine results and placing malicious sponsored ads on platforms like Bing, threat actors have created a deceptive web of fake websites that mimic legitimate sources.

Example of Malicious Sponsored PuTTY Ad on Bing.

Unsuspecting users who download from these fraudulent sites inadvertently install malware, posing a significant risk to both individual systems and organizational security.

The mechanics of this attack are both sophisticated and stealthy. The malicious websites host Trojanized installers of PuTTY and WinSCP, which, upon execution, deploy a backdoor identified as Oyster or Broomstick.

These backdoor ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE