New China-Aligned Crew Poisons Windows Servers for SEO Fraud

New China-aligned crew poisons Windows servers for SEO fraud

: Defrauding search with custom malware, Potato-family exploits

ESET Research discovers new Chinese threat group: GhostRedirector manipulates Google, poisons Windows servers with backdoors

ESET Research observed at least 65 Windows servers compromised, based on an internet scan from June 2025.ESET believes that a previously unknown,...

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor And Gamshen IIS Module - Cybernoz - Cybersecurity News

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module codenamed Gamshen. The threat actor is believed to be a…

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module

GhostRedirector Emerges as New China-Aligned Threat Actor

A newly identified hacking group named GhostRedirector has compromised 65 Windows servers using previously unknown tools This article has been indexed from www.infosecurity-magazine.com Read the original article: GhostRedirector Emerges as New China-Aligned Threat Actor Read more → The post GhostRedirector Emerges as New China-Aligned Threat Actor appeared first on IT Security News.