THREAT OPS › Threat News › SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer
SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer
<h3><strong>Executive summary<br /><br /></strong></h3> <ul> <li style="text-align: justify;"><span style="line-height: 115%;">Financially motivated eCrime actors will likely continue to expand opportunistic campaigns by impersonating AI platforms. These campaigns generate direct supply chain risk for enterprises, as threat actors target software developer tooling, including AI coding assistant
MITRE ATT&CK techniques
Indicators of compromise
- track.hubspot.comdomain
- 2fblog.eclecticiq.comdomain
- 252fblog.eclecticiq.comdomain