- A fake Teams site delivers Oyster malware through SEO poisoning and deceptive ads
- The spoofed page mimics Microsoft's design, tricking users into downloading malware
- Best defense: type known URLs directly and avoid relying solely on search results
If you are looking to install Microsoft Teams, be very careful how you navigate to the download page: experts have warned about a new malicious campaign that tricks people into downloading malware.
Security researchers at BlackPoint SOC recently discovered a fraudulent Microsoft Teams download page hosted at Teams-Install[.]above. It looks almost identical to Microsoft's legitimate site, with colors, design and fonts all similar to the real thing.
However, instead of the popular communications platform, victims receive the Oyster backdoor, a well-known piece of malware that gives attackers full access to the compromised endpoint.
SEO poisoning and malvertising
The site is optimized for search engines, a practice known as "SEO poisoning." People searching for "download teams" (and probably some other keywords) will find the spoofed site at the top of their search results, right next to the legitimate one.
If a user is not careful, it is quite easy to end up in the wrong place and download malware instead of the real program.
To make matters worse, the attackers also managed to set up some online advertisements, which also seem to appear at the top of the search engine results page.
SEO poisoning and malvertising campaigns such as this one work well because searching for well-known sites and programs, instead of typing the address into the browser's address bar, is fairly common behavior.
Many users treat Google as their "front door" to the Internet. For example, in 2024, YouTube was the most searched term on Google worldwide, closely followed by WhatsApp Web.
In the United States, Amazon led search trends after YouTube. All these platforms are recognized worldwide, and you can reach all of them by typing their .com domain into the browser.
This is also the best way to defend against SEO poisoning and malvertising: do not blindly trust search engine results, and navigate to as many sites as you can directly through your browser.
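For defenders who want to back that advice with a check on clicked download links (for example in proxy or browser-history review), the sketch below is an added example, not code from the researchers or the original article. It flags hostnames that carry a brand keyword but do not sit under the official domain; the allowlist, the keyword list and every sample URL other than the domain named above are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only domain this check accepts for Microsoft downloads.
OFFICIAL_DOMAINS = ("microsoft.com",)
# Assumption: brand keywords to watch for in hostnames.
BRAND_KEYWORDS = ("teams", "microsoft")

def refang(url):
    """Undo common defanging ([.] and hxxp) so the URL can be parsed."""
    return url.replace("[.]", ".").replace("hxxp", "http", 1)

def hostname_of(url):
    url = refang(url.strip())
    if "://" not in url:
        url = "//" + url  # make urlsplit treat bare text as a host
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_official(host):
    # Exact match or true subdomain, so "microsoft.com.x.example" fails.
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def classify(url):
    host = hostname_of(url)
    if not host:
        return "unparseable"
    if is_official(host):
        return "official"
    if any(k in host for k in BRAND_KEYWORDS):
        return "lookalike"
    return "unrelated"

def flag_lookalikes(urls):
    return [u for u in urls if classify(u) == "lookalike"]

# Constructed sample of clicked URLs (not real log data).
SAMPLE = [
    "https://www.microsoft.com/en-us/microsoft-teams/download-app",
    "hxxps://teams-install[.]above/download",          # domain named in the article
    "https://microsoft.com.downloads.example/teams",   # official name as a prefix
    "https://microsoft.com@teams-setup.example/",      # official name as userinfo
    "https://example.org/news",
]

if __name__ == "__main__":
    for u in flag_lookalikes(SAMPLE):
        print("review:", u)
```

The match is on the parsed hostname rather than the raw string, which is why the prefix and userinfo variants are flagged even though they contain "microsoft.com".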
Via BleepingComputer