Is this actually a CVE?
The headline at least looks more like lOoK, sSh eXplOiTeRs uSe sSh cLiEnTs tO eXpLoIt sSh CVEs!!1!1elf11
TL;DR: Free Software being repackaged with malware in order to trick people who download from fake websites like Softonic and shit. No PuTTY exploit, no Win exploit, just pure user error
Free software being repackaged with malware is nothing new and has been around for a long while. Headline feels very click bait-y.
This article seems to describe one of the things an attacker can do once they already have access to your device - a method for maintaining access that can evade detection. Did I miss the part where this article explains how a machine gets compromised in the first place, or does it just presume your machine is already somehow infected?
