This article describes a multi-stage malware campaign that uses SEO poisoning to lure victims to malicious sites, which then leverage serverless infrastructure for the subsequent payload delivery. The article does not provide a CVSS score, specific affected software versions, a fixed version, or a recommended workaround.
2026-05-03 (Back to Inventory) Multi-stage malware delivery campaign using SEO poisoning and serverless infrastructure Author(s): Ireneusz Tarnowski Organization: Medium Ireneusz Tarnowski osx.amos Open article directly Related Articles 2026-01-23 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski SpyNote: Comprehensive Analysis of an Android Remote Access Trojan SpyNote 2025-12-22 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski Operational Analysis of Communication Channels in Mobile RCS SpyFRPTunnel 2025-07-17 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski Dissecting the ClickFix User-Execution Attack and Its Sophisticated Persistence via ADS Cobalt Strike