Recherche : [Search] - Cyberveille

From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira https://thedfirreport.com/2025/08/05/from-bing-search-to-ransomware-bumblebee-and-adaptixc2-deliver-akira/

05/08/2025 18:50:03

thedfirreport.com - Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 2025 Cyjax reported on a campaign using this method again, impersonating various IT tools. We observed a similar campaign in July in which a download of an IT management tool ended with Akira ransomware.

In July 2025, we observed a threat actor compromise an organization through this SEO poisoning campaign. A user searching for “ManageEngine OpManager” was directed to a malicious website, which delivered a trojanized software installer. This action led to the deployment of the Bumblebee malware, granting the threat actor initial access to the environment. The intrusion quickly escalated from a single infected host to a full-scale network compromise.

Following initial access, the threat actor moved laterally to a domain controller, dumped credentials, installed persistent remote access tools, and exfiltrated data using an SFTP client. The intrusion culminated in the deployment of Akira ransomware across the root domain. The threat actor returned two days later to repeat the process, encrypting systems within a child domain and causing significant operational disruption across the enterprise.

This campaign affected multiple organizations during July as we received confirmation of a similar intrusion responded to by the Swisscom B2B CSIRT in which a malicious IT tool dropped Bumblebee and also ended with Akira ransomware deployment.

An Anonymous Source Shared Thousands of Leaked Google Search API Documents with Me; Everyone in SEO Should See Them https://sparktoro.com/blog/an-anonymous-source-shared-thousands-of-leaked-google-search-api-documents-with-me-everyone-in-seo-should-see-them/

30/05/2024 13:50:20

On Sunday, May 5th, I received an email from a person claiming to have access to a massive leak of API documentation from inside Google’s Search division.

Google Search Overwhelmed By Massive Spam Attack https://www.searchenginejournal.com/google-search-overwhelmed-by-massive-spam-attack/504527/

23/12/2023 16:44:40

Google is apparently struggling to contain a spam attack that's been ongoing for days.
Google’s search results have been hit by a spam attack for the past few days in what can only be described as completely out of control. Many domains are ranking for hundreds of thousands of keywords each, an indication that the scale of this attack could easily reach into the millions of keyword phrases.

Chatbot Hallucinations Are Poisoning Web Search https://www.wired.com/story/fast-forward-chatbot-hallucinations-are-poisoning-web-search/

27/10/2023 09:06:26

Untruths spouted by chatbots ended up on the web—and Microsoft's Bing search engine served them up as facts. Generative AI could make search harder to trust.

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results https://www.sentinelone.com/blog/breaking-down-the-seo-poisoning-attack-how-attackers-are-hijacking-search-results/

21/01/2023 22:56:51

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner https://www.bleepingcomputer.com/news/security/hackers-push-malware-via-google-search-ads-for-vlc-7-zip-ccleaner/

20/01/2023 12:00:16

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.

Liens par page

Filtres