Be careful where you click in Google search results - it could be damaging malware
techradar.com
- Arctic Wolf spotted SEO-optimized fake download pages
- The sites spoofed PuTTY and WinSCP
- Experts warn IT teams to be careful when downloading software
Experts have uncovered a malicious campaign using SEO-optimized fake landing pages to deploy a malware loader called Oyster.
Cybersecurity researchers Arctic Wolf found threat actors have created numerous landing pages that impersonate PuTTY and WinSCP, two popular Windows tools used to connect securely to remote servers.
These pages are seemingly identical to their legitimate counterparts, and when people search on Google for these tools (mostly IT, cybersecurity, and web development professionals), they could be tricked into opening the wrong website. Since nothing on the sites would raise their suspicion, they might download the tool - which would work as intended, but it would also deliver Oyster, a known malware loader that is also sometimes called Broomstick, or CleanUpLoader.
Copyright of this story solely belongs to techradar.com . To see the full text click HERE