Fake Microsoft Teams Installers Push Oyster Malware via Malvertising

Cybercriminals are exploiting fake Microsoft Teams installers to distribute the Oyster malware through malvertising campaigns. These deceptive installers mimic legitimate software to trick users into downloading malicious payloads. Once installed, the Oyster malware can perform various malicious activities, including data theft and system compromise. This attack vector highlights the growing trend of leveraging popular collaboration tools as bait in cyberattacks. Organizations and users are urged to verify software sources and maintain updated security measures to mitigate risks associated with such threats. The campaign's use of malvertising underscores the importance of cautious browsing and the deployment of robust ad-blocking and endpoint protection solutions. Awareness and proactive defense strategies remain critical in combating these evolving threats.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 27 Sep 2025 19:50:28 +0000

Cyber News related to Fake Microsoft Teams Installers Push Oyster Malware via Malvertising

Fake Microsoft Teams Installers Push Oyster Malware via Malvertising - Cybercriminals are exploiting fake Microsoft Teams installers to distribute the Oyster malware through malvertising campaigns. These deceptive installers mimic legitimate software to trick users into downloading malicious payloads. Once installed, ...
5 months ago Bleepingcomputer.com

The Surge of FakeBat Malware in Search-Based Malvertising Campaigns - In recent months, cybersecurity researchers have observed a concerning surge in search-based malvertising campaigns, with documented incidents nearly doubling compared to previous periods. Amidst this uptick in online threats, one particular malware ...
1 year ago Cysecurity.news

Oyster Malware as PuTTY, KeyPass Attacking IT Admins by Poisoning SEO Results - Once executed, the installer drops a malicious DLL file, zqin.dll, and runs it via rundll32.exe. This establishes the Oyster backdoor, which collects system information, steals credentials, executes commands, and downloads additional malware, reads ...
7 months ago Cybersecuritynews.com Rhysida

FakeBat delivered via several active malvertising campaigns - February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw similar payloads being dropped but also a few new ones that were particularly good at evading detection. One ...
2 years ago Malwarebytes.com Cloak

FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection - An ongoing malvertising campaign is being used to distribute virtualized. NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion ...
3 years ago Thehackernews.com

Malvertisers zoom in on cryptocurrencies and initial access - While Zoom is used by millions of people around the world, these campaigns are likely targeting victims who are into cryptocurrencies as well as corporate users, in order to gain access to company networks. The threat actors are using a number of ...
2 years ago Malwarebytes.com Cloak

Fake Corsair job offers on LinkedIn push DarkGate malware - A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine. Cybersecurity company WithSecure ...
2 years ago Bleepingcomputer.com

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
2 years ago Microsoft.com

Microsoft says malvertising campaign impacted 1 million PCs - The malvertising videos redirected users to the GitHub repos that infected them with malware designed to perform system discovery, collect detailed system info (e.g., memory size, graphic details, screen resolution, operating system (OS), and user ...
1 year ago Bleepingcomputer.com

Fake KeePass site uses Google Ads and Punycode to push malware - A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. Google has been battling with ongoing malvertising campaigns that allow ...
2 years ago Bleepingcomputer.com

Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
1 year ago Pandasecurity.com

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers - A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising ...
2 years ago Thehackernews.com Cloak

PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
2 years ago Securityintelligence.com

How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com

Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
2 years ago Darkreading.com

Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com