SEO poisoning campaign targets 8,500-plus SMB users with malware disguised as AI tools

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader).

The malvertising activity, per Arctic Wolf, promotes fake websites hosting trojanized versions of legitimate tools like PuTTY and WinSCP, aiming to trick software professionals searching for these programs into installing them instead.

“Upon execution, a backdoor known as Oyster/Broomstick is installed,” the company said in a brief published last week.

Read more at The Hacker News