THREATOPS
THREAT OPSThreat News › Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem

Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem

medcheckpoint_researchPublished 2026-06-03

<p>Research by:&nbsp;<strong>Alexey Bukhteyev</strong></p>

<h2 class="wp-block-heading">Key Takeaways</h2>

<ul class="wp-block-list"> <li>Check Point Research investigated a large-scale operation that impersonates open-source and freeware projects to capture search traffic, including lookalikes for researcher and security tooling such as Ghidra, dnSpy, and SpiderFoot. The sites are well-desi

Attributed threat actors

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem/