SEO Poisoning Campaign Targets Chinese Users with Malware-Laced Installers

A recent SEO poisoning campaign targeted Chinese-speaking users by manipulating search rankings to promote fraudulent domains mimicking trusted software providers. The campaign involved legitimate software installers bundled with malware, including variants of Winos and Hiddengh0st, capable of keystroke logging, clipboard monitoring, and crypto wallet hijacking. The sophistication of the attack lay in its layered approach, combining legitimate software with malicious code and using SEO techniques to deceive users.