SEO Poisoning Attack Delivers Trojanized IT Tools
Arctic Wolf has reported a new SEO poisoning attack promoting malicious websites that host Trojanized versions of IT tools such as PuTTY and WinSCP.
“These fake sites aim to trick unsuspecting users – often IT professionals – into downloading and executing Trojanized installers. Upon execution, a backdoor known as Oyster/Broomstick is installed,” says Andres Ramos in the company’s security bulletin.
Arctic Wolf recommends blocking the following specific domains to prevent user access and reduce exposure to these Trojanized versions:
- updaterputty[.]com
- zephyrhype[.]com
- putty[.]run
- putty[.]bet
- puttyy[.]org
Learn more at Arctic Wolf.
Related content
- Official ASUS Update Tool Compromised
- Turla Malware Variant Targets Linux
-
Arp Cache Poisoning and Packet Sniffing
Intruders rely on arp cache poisoning to conceal their presence on a local network. We'll show you some of the tools an attacker might use to poison the arp cache and gather information on your network.
-
Halting the ransomware blackmail wave
In the tsunami of ransomware infections this year, the Locky encryption trojan is a high-water mark. With a constant stream of novel attack patterns, this continually evolving pest makes life difficult for IT managers, users, and security vendors. Here's how to protect yourself. - Bad Trojan Threatens Two Thirds of All Android Devices
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
