- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
Wait, are system admins the types to click on ads? I thought one of the most important rules of the internet was “never click on ads.” Seems like the wrong place to go phishing.
System admins are just people
Devil’s advocate: it would be worth the risk of wasted time to an attacker when the payoff is potentially gaining admin access to one or two high-value systems.
“My boss says I need something called ‘Wind Skip.’ I don’t know what it’s for; I have a PDF here with instructions. He says we can just download it and run it, but I couldn’t find it. Can you install it for me?”