Fake Microsoft Teams installers push Oyster malware via malvertising www.bleepingcomputer.com/news/secu…

Hackers have been spotted using SEO poisoning and search engine advertisements to promote fake Microsoft Teams installers that infect Windows devices with the Oyster backdoor, providing initial access to corporate networks.

The Oyster malware, also known as Broomstick and CleanUpLoader, is a backdoor that first appeared in mid-2023 and has since been linked to multiple campaigns. The malware provides attackers with remote access to infected devices, allowing them to execute commands, deploy additional payloads, and transfer files.

Oyster is commonly spread through malvertising campaigns that impersonate popular IT tools, such as Putty and WinSCP. Ransomware operations, like Rhysida, have also utilized the malware to breach corporate networks.