"Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware"
"Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware"
The Mandiant Managed Defense team has discovered an increase in malware infections caused by malvertising campaigns that distribute a loader named "FakeBat," also known as "EugenLoader" and "PaykLoader." The researchers consider these attacks "opportunistic," as they are aimed at users looking to download popular business software. The infection involves a trojanized MSIX installer that runs a PowerShell script to download a secondary payload.