#clickfix
#clickfix
[ follow ]
#social-engineering #phishing #malware #ransomware #cybersecurity #remote-access-trojan #steganography #powershell
Information security
fromThe Hacker News
1 week agoMicrosoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
Attackers use nslookup via Windows Run to perform DNS lookups against hard-coded DNS servers, extracting 'Name:' responses to execute second-stage payloads and evade detection.
Privacy technologies
fromThe Hacker News
3 weeks agoMicrosoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Information-stealing attacks are expanding to macOS, leveraging cross-platform languages, social-engineering lures, and trusted platforms to distribute Python-based stealers at scale.
fromThe Hacker News
1 month agoClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services
"Instead of launching PowerShell directly, the attacker uses this script to control how execution begins and to avoid more common, easily recognized execution paths," Blackpoint researchers Jack Patrick and Sam Decker said in a report published last week. In doing so, the idea is to transform the App-V script into a living-off-the-land (LotL) binary that proxies the execution of PowerShell through a trusted Microsoft component to conceal the malicious activity.
Information security
fromThe Hacker News
3 months agoNew EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT
As is typically the case with ClickFix attacks, users are tricked into executing malicious commands using the Windows Run dialog in order to complete a reCAPTCHA verification check on bogus phishing pages. The command initiates a multi-step process that involves using the "mshta.exe" binary to launch a PowerShell script that's responsible for downloading a .NET downloaded from MediaFire, a file hosting service.
Information security
Information security
fromThe Hacker News
4 months agoAnalysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix attacks trick users into executing malicious local commands by copying clipboard code via browser prompts, enabling ransomware and data breaches through SEO poisoning and malvertising.
Information security
fromThe Hacker News
4 months agoResearchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain
TA585 independently conducts sophisticated phishing and web-injection campaigns to deliver MonsterV2 RAT via ClickFix social engineering and PowerShell-based payload execution.
Information security
fromThe Hacker News
5 months agoDPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
North Korea–linked actors used ClickFix lures to deliver BeaverTail and InvisibleFerret malware to non-developer cryptocurrency, retail, and Web3 roles via fake hiring platforms.
fromTheregister
5 months agoFileFix attacks trick victims into executing infostealers
FileFix is a variation on ClickFix, a newish type of social-engineering technique first spotted last year that tricks victims into running malware on their own devices using fake fixes and login prompts. These types of attacks have surged by 517 percent in the past six months, according to researchers at antivirus and internet security software vendor ESET, making them second most common attack vector behind phishing.
Information security
Information security
fromThe Hacker News
6 months agoShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
ShadowCaptcha uses compromised WordPress sites and fake CAPTCHA pages with ClickFix social engineering to deliver stealers, ransomware, and cryptocurrency miners.
[ Load more ]