Cybersecurity researchers have uncovered a campaign using SEO poisoning and malvertising to distribute malware like Oyster, Vidar, Lumma, and Legion Loader across fake websites and search results. These malicious activities target both IT professionals and general consumers, exploiting popular AI tools and well-known brands to deliver stealer payloads and conduct financial fraud. #OysterMalware #SEOpoisoning #VidarStealer #LummaLoader #LegionLoader
Keypoints
- Cybercriminals use SEO poisoning to direct users to malicious sites hosting malware loaders and stealers.
- Fake websites impersonate legitimate tools like PuTTY, WinSCP, and AI applications to deceive victims.
- Malvertising campaigns on platforms like Facebook and Google spread malware and conduct financial fraud.
- Small and medium-sized businesses are increasingly targeted with malware disguised as popular collaboration tools.
- Threat actors exploit search parameter injection and fake ads to hijack brand searches and steal sensitive data.
Read More: https://thehackernews.com/2025/07/seo-poisoning-campaign-targets-8500.html