Hackers are using SEO poisoning and malicious ads to promote fake Microsoft Teams installers that deploy Oyster backdoor malware on Windows devices. This tactic allows attackers to gain initial access to networks, often leveraging trusted brands to deceive users. #OysterBackdoor #SEOpoynization
Keypoints
- Cybercriminals promote counterfeit Microsoft Teams installers via search engine ads and SEO tactics.
- The fake installer drops a malicious DLL named CaptureService.dll into user systems.
- Oyster malware provides remote access, enabling command execution and file transfer on infected devices.
- Ransomware groups like Rhysida have utilized Oyster to infiltrate corporate networks.
- IT professionals are advised to download software only from verified sources to avoid infection.