New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software

[MagicSahar]

An ongoing search motor optimization (Search engine optimization) poisoning attack campaign has been observed abusing have faith in in legitimate software program utilities to trick people into downloading BATLOADER malware on compromised devices.

In Search engine optimisation poisoning attacks, adversaries artificially enhance the lookup motor ranking of internet websites (authentic or in any other case) hosting their malware to make them present up on major of look for final results so that buyers seeking for unique apps like TeamViewer, Visual Studio, and Zoom are infected with malware.

The installer, although packing the reputable software package, is also bundled with the BATLOADER payload which is executed during the set up method. The malware then acts as a stepping stone for attaining more perception into the qualified firm by downloading upcoming-stage executables that propagate the multi-stage an infection chain.

What is a lot more, in a indicator that the operators experimented with distinctive ploys, an alternative variant of the same marketing campaign sent the Atera remote checking administration software directly as a consequence of the first compromise for further stick to-on post-exploitation pursuits.
 

Source : https://thecybersecurity.news/general-cyber-security-news/new-seo-poisoning-campaign-distributing-trojanized-versions-of-popular-software-16400/