EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins

A new cyber campaign named EtherRAT is targeting enterprise administrators by using SEO poisoning and fake GitHub pages to impersonate legitimate administrative tools. This campaign utilizes a dual-stage approach with fake repositories leading to malicious installers, and employs the Ethereum blockchain for resilient command-and-control.