SEO Poisoning Attack Delivers Oyster Malware via Fake PuTTY & WinSCP Downloads

 

A stealthy, large-scale campaign, discovered in June 2025, utilized malicious ads and built-in SEO poisoning to distribute the Oyster (also known as Broomstick or CleanUpLoader) backdoor. The attackers trojanized legitimate IT tools, specifically PuTTY and WinSCP, to deliver malware through seemingly trusted installers. These deceptive sites mimicked official download pages, luring IT professionals and system admins searching online into running compromised installers.
Once executed, the malware establishes persistence by installing a DLL (twain_96.dll) and registering scheduled tasks that run every three minutes via rundll32.exe using DLL registration tricks for stealth. With Oyster onboard, actors gain remote access, steal credentials, execute code, and deploy further malicious payloads, posing a heightened risk within enterprise environments.
Security teams are urged to avoid downloading administrative tools from search engine results or sponsored ads. Instead, download only from official vendor sites or internal repositories. Additionally, the block identified malicious domains such as updaterputty.com, puttyy.org, putty.run, and zephyrhype.com to minimize exposure. 
 

Comments

Post a Comment

Popular posts from this blog

Andriod AI Scam Protection

 According to WIRED, Americans have been targeted by scammers from around the world. Based on the data in the article, nearly $16.6 billion is expected to be lost to online crimes. Approximately 200,000 individuals reported scams such as phishing and spoofing to the FBI, with almost $470 million stolen through scams initiated by anonymous texts or messages. According to the Federal Trade Commission, Google plans to implement AI-on-Device Scam Protection that will run on messaging applications when they launch Android 16, aiming to identify various types of scams, including crypto, lottery, gift card, and prize scams, among others. This security system operates on individual users' devices without sharing data with Google. According to Google, this new system has protected approximately 2 billion suspicious messages from users in one month. This AI can detect both simple and complex schemes. This will be added at the upcoming launch of Android 16 to safeguard against evolving scams ...
Read more

Salesforce Buys AI data tools

Salesforce announced its intention to acquire the data management company Informatica for approximately $8 billion, marking its largest acquisition since purchasing Slack for nearly $28 billion in 2021. This move aims to enhance Salesforce's data management and AI capabilities, specifically to boost the Salesforce Agentforce platform, as it will enable the business to automate tasks through virtual AI agents. This deal is priced at around $25 per share, representing a 30% premium over Informatica's stock price prior to the renewed news surfacing. However, the deal may face antitrust scrutiny due to functional overlap with the existing Mulesoft platform within Salesforce. At the same time, Salesforce hopes the acquisition will provide a reasonable return on investment and strengthen its position in the AI-driven software market.   https://www.reuters.com/technology/salesforce-nears-8-billion-deal-informatica-wsj-reports-2025-05-27/   
Read more

A.I Competition Why Security Matters?

 Today, countries are competing to lead in technology, innovation, and other cutting-edge ideas. The US is working to stay ahead of China in artificial intelligence, but it's crucial not to lose focus on security. While innovation and business influence are key to success, the US must also be mindful of the potential for AI tools to be misused by government officials for surveillance and military purposes.  There are numerous efforts to regulate AI exports, and rules have been created to control them, but these efforts are often inconsistent and can be overturned by subsequent administrations. The US faces some difficulties with AI technologies that are exported from abroad, creating uncertainty. Some US tech companies have partnered with countries in the Far East, raising national security concerns. Both countries advanced the system in the military, which caused a dual-use concern. Achieving AI dominance is about building a system that is both safe and responsible. ...
Read more