Mastodawn

The Threat Codex Sep 5, 2025

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes
#GhostRedirector #Rungan #Gamshen
https://www.welivesecurity.com/en/eset-research/ghostredirector-poisons-windows-servers-backdoors-side-potatoes/

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results.

Rene Robichaud Sep 4, 2025

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
https://thehackernews.com/2025/09/ghostredirector-hacks-65-windows.html

#Infosec #Security #Cybersecurity #CeptBiro #GhostRedirector #WindowsServers #Rungan #Backdoor #Gamshen #IISModule

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

GhostRedirector compromised 65 Windows servers since Aug 2024 using Rungan and Gamshen malware, driving SEO fraud.

The Hacker News