An ongoing malicious advertising campaign is leveraging legitimate software downloads to deploy OysterLoader malware, enabling cybercriminals to gain access to corporate networks. This malware acts as a delivery mechanism for the notorious Rhysida ransomware gang, which has been targeting enterprises since its inception from the Vice Society group in 2021.
Recent campaigns by Rhysida have adopted new tactics, such as impersonating popular software like Microsoft Teams and PuTTY, creating convincing fake download pages. The use of misspellings, like “Putty” instead of “PuTTY,” aims to deceive users searching for legitimate tools. The current operation has dramatically increased in scale, utilizing over 40 code-signing certificates, demonstrating a significant investment in evasion techniques to bypass security measures.
👉 Pročitaj original: Cyber Security News
