Malvertising Campaign Drops Oyster Backdoor
1. Malvertising uses trojanized Google Chrome and Microsoft Teams installers for infections.
2. Users are redirected to fake websites hosting malicious payloads.
3. Oyster backdoor gathers host data, communicates with C2, supports remote execution.
4. Attack linked to ITG23 group, known for TrickBot malware activities.
5. Phishing-as-a-service platform ONNX Store exploits PDF attachments for credential theft.
#malvertising
#oysterbackdoor
#trojanizedinstallers
#itg23 #trickbot
#phishingasaservice
#onnxstore
#pdfdecoys
#netsupportrat
#remoteaccesstool
#cybersecurity
#malwarecampaign
#cyberthreats
#rogueraticate
#raticate
#phishingattacks
#microsoftteams
#googlechrome
#fakesoftware
#cybercrime
#twofactorauthentication
#2fabypass
#credentialharvesting
#cloudflare
#phishingkit
#remoteexecution
#cyberespionage
#securityresearch
#infosec
