Blog
A new malvertising campaign has been discovered, using a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor called MadMxShell. The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords. This tactic is designed to attract unsuspecting users and infect their systems with the hidden backdoor.
To learn more about this malicious Google Ads campaign and the fake IP scanner software with a hidden backdoor, read the full article here.
