An ongoing search engine optimization (SEO) poisoning attack campaign has been observed abusing trust in legitimate software utilities to trick users into downloading BATLOADER malware on compromised machines. The malware then acts as a stepping stone for gaining further insight into the targeted organization by downloading next-stage executables that propagate the multi-stage infection chain. An alternative variant of the same campaign delivered the Atera remote monitoring management software directly as a consequence of the initial compromise for further follow-on post-exploitation activities.”]
Source: https://thehackernews.com/2022/02/new-seo-poisoning-campaign-distributing.html