New Nitrogen malware pushed via Google Ads for ransomware attacks

A recent early access malware operation called Nitrogen promotes bogus software sites that infect unaware users with Cobalt Strike and ransomware payloads by using Google and Bing search ads. A study on the Nitrogen campaign was just made public by Sophos. It describes how it predominantly targets technology and nonprofit organisations in North America while pretending to be well-known programmes including AnyDesk, Cisco AnyConnect VPN, TreeSize Free, and WinSCP.

The Nitrogen malware’s main objective is to grant threat actors initial access to business networks so they may engage in data theft, cyberespionage, and ultimately the deployment of the BlackCat/ALPHV ransomware. Late in June, eSentire was the first to report on the Nitrogen campaign, and at the beginning of July, Trend Micro examined the post-compromise behaviour of WinSCP advertising causing BlackCat/ALPHV ransomware outbreaks.

New Nitrogen malware pushed via Google Ads for ransomware attacks

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

New Nitrogen malware pushed via Google Ads for ransomware attacks

26-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address