Fake Google Meet Page Tricks Users into Running PowerShell Malware

Last month, a customer reached out to us after noticing suspicious URLs on their WordPress site. Visitors reported being prompted to perform unusual actions.

We began our investigation, scanning the site for common malware indicators and looking for signs of obfuscated JavaScript or injected iframes. What we found, however, was more subtle and potentially more dangerous.

We have seen similar infections previously where the attacker would ask the users to run PowerShell commands on their system.

Continue reading Fake Google Meet Page Tricks Users into Running PowerShell Malware at Sucuri Blog.