Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

TamperedChef

Acronis warns of ongoing ‘TamperedChef’ malvertising campaign using signed fake installers

Cybercrime, News, Research, Risk, Vulnerabilities

November 20, 2025

Acronis Threat Research Unit says operators are using signed counterfeit installers in a global malvertising campaign dubbed TamperedChef to deploy a JavaScript backdoor, with infections concentrated in the U.S. and several industries affected; some variants have been used for advertising fraud while broader motives remain unclear.
TamperedChef information stealer emerges in malvertising campaign promoting AppSuite PDF Editor

Cybercrime, News, Research, Vulnerabilities

August 30, 2025

Cybersecurity researchers have identified a malvertising campaign delivering a backdoored PDF editor, AppSuite PDF Editor, that drops a new information stealer dubbed TamperedChef. The operation leverages Windows Registry persistence, a C2-enabled backdoor, and widespread Google ad campaigns to maximize downloads.

About
Editorial Policy
Privacy
Contact