Huge hacking campaign uses spoofed Ghidra, dnSpy, and SpiderFoot security tools to harvest ad revenue and serve malware
- Over 100 spoofed sites mimic trusted security tools
- Campaign serves SessionGate, RemusStealer, AnimateClipper
- Primary goal appears to be traffic monetization
A large-scale malicious campaign was recently uncovered, spoofing reputable open-source security tools to harvest ad revenue and serve malware to developers and security researchers.
Security outfit Check Point Research (CPR) recently published an in-depth report detailing the campaign. According to the report, threat actors created more than 100 websites spoofing tools such as Ghidra, dnSpy, and SpiderFoot. Visitors were routed through a Traffic Distribution System (TDS) and served multiple malware variants, including SessionGate, RemusStealer, and AnimateClipper.
“What makes this campaign especially notable is the choice of brands: a high-risk subset of sites impersonates trusted reverse-engineering tools such as Ghidra and dnSpy, used by security researchers and malware analysts,” the report reads.
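The practical exposure here is analysts fetching tools from whichever "ghidra"-branded site ranks first. A small check that flags hostnames impersonating the three brands named in the report is shown below; this is an added example, not code from Check Point Research or from the article. The allowlist of official hosts is an assumption to be verified against each project's own documentation, and the sample hostnames are constructed for illustration rather than taken from the campaign.

```python
"""Flag hostnames that impersonate Ghidra, dnSpy or SpiderFoot download sites.

Added example, not from the Check Point report or the article. The allowlist
and the sample hostnames below are assumptions / constructed data.
"""
from __future__ import annotations

BRANDS = ("ghidra", "dnspy", "spiderfoot")

# Assumed official hosts for the three tools; verify against each project's
# own documentation before relying on this list.
ALLOWLIST = {"ghidra-sre.org", "github.com", "spiderfoot.net"}

# Crude leet/homoglyph normalisation so that "spiderf00t" compares as
# "spiderfoot" and "spider-foot" as "spiderfoot".
_NORMALISE = str.maketrans({"0": "o", "3": "e", "5": "s", "-": "", "_": ""})


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (classic two-row dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def registrable_label(host: str) -> str:
    """Second-level label of a hostname (ignores multi-part public suffixes)."""
    parts = host.lower().strip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def classify(host: str) -> tuple[str, str | None]:
    """Return ("official"|"lookalike"|"unrelated", brand-or-None) for a host."""
    host = host.lower().strip(".")
    if host in ALLOWLIST or any(host.endswith("." + h) for h in ALLOWLIST):
        return ("official", None)
    norm_host = host.translate(_NORMALISE)
    norm_label = registrable_label(host).translate(_NORMALISE)
    for brand in BRANDS:
        # Brand embedded anywhere in the name (ghidra-download.com,
        # ghidra.example.com) ...
        if brand in norm_host:
            return ("lookalike", brand)
        # ... or the registrable label is within a small edit distance of
        # the brand (gh1dra.io, spiderfeet.net).
        if levenshtein(norm_label, brand) <= max(1, len(brand) // 4):
            return ("lookalike", brand)
    return ("unrelated", None)


def scan(hosts: list[str]) -> list[tuple[str, str, str | None]]:
    """Classify every host; returns (host, verdict, brand) triples."""
    return [(h, *classify(h)) for h in hosts]


# Constructed sample hostnames for illustration (not from the campaign).
SAMPLE_HOSTS = [
    "ghidra-sre.org",
    "ghidra-download.com",
    "gh1dra.io",
    "dnspy.net",
    "spider-foot.org",
    "spiderf00t-releases.com",
    "example.com",
]

if __name__ == "__main__":
    for host, verdict, brand in scan(SAMPLE_HOSTS):
        print(f"{verdict:10} {host:26} {brand or ''}")
```

The substring test catches the obvious "ghidra-something" registrations, while the edit-distance test on the registrable label catches single-character swaps that a substring match misses; the threshold scales with brand length so that the short name "dnspy" does not tolerate more than one change. Run it against proxy or DNS logs to surface analysts who have already visited a lookalike.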
Traffic acquisition and monetization
CPR describes SessionGate as a new multi-stage loader that makes it very difficult to obtain the final payload....
Copyright of this story solely belongs to techradar.com, where the full text is available.