TI Mindmap HUB
Threat Intelligence Report

WEBJACK: Evolving IIS Hijacking Campaign Abuses SEO for Fraud and Monetization | WithSecure™ Labs

📅 December 27, 2025 📰 labs.withsecure.com 🔍 0 CVE(s) referenced

A Chinese-speaking threat actor is hijacking Microsoft IIS servers worldwide with custom malware modules to covertly poison search engine results and redirect users to gambling sites, leveraging legitimate security tools for persistence and concealment.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle