Internet users are facing a new sophisticated scam when fake websites appear in the top Google search results, luring users to download dangerous malware to create legitimate software.
According to cybersecurity experts, this attack campaign targets those who are looking for popular tools such as PuTTY and WinSCP... These are remote connection software widely used by IT and programmers.
Impersonating a professional, deceiving experienced users
Fraudulent websites are sophisticatedly designed, looking almost identical to the official page. By using search engine optimization (SEO) techniques, they are pushed to the top of Google search results, making users easily mistakenly believe them as reliable links.
When users downloaded software from these sites, a malware called oyster was also quietly installed with it. Oyster acts as a backside, allowing hackers to penetrate deeper into the system and install more malware in the future.
This tool uses sophisticated techniques, periodic tasks and communication encryption, making it difficult for security systems to detect.
How to prevent
The list of fake domain names that are being warned includes: updaterputty.com, Zephyrhype.com, putty.run, putty.bet and puttyy.org. The danger is that even experienced users are easily deceived by the interface and directions that look "professional".
To avoid becoming a victim, users should access the software's official website directly via a known website address or use a trusted page award. Do not download software from strange links on the search engine, even if they are in the first place.
This activity shows that hackers are increasingly taking advantage of search algorithms to spread malware, making it more necessary than ever to be vigilant with each click. In a risky digital world, a small operation can also be the line between safety and attack.