Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising
May 18, 2024 at 02:27PM A ransomware operation targeted Windows system administrators by using Google ads to promote fake download sites for WinSCP and PuTTY. The counterfeit sites hosted trojanized installers and exploited DLL sideloading to install the Sliver post-exploitation toolkit, allowing remote access and potential deployment of ransomware. This campaign utilized typosquatting and displayed … Read more