A recent malvertising campaign targeted system administrators by impersonating the PuTTY website. Clicking on the fake download deployed a new Go-based malware loader that retrieved the Rhadamanthys stealer payload. The threat actor likely controls both the malvertising and loader infrastructure to enable end-to-end deployment of malware.

Click for details.