#clickfix tag - Briefly

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

COLDRIVER, also tracked as Callisto, Star Blizzard, and UNC4057, is the moniker assigned to a Russia-linked threat actor that's known to target a wide range of sectors since 2019. While early campaign waves were observed using spear-phishing lures to direct targets to credential harvesting pages, the group has been fleshing out its arsenal with custom tools like SPICA and LOSTKEYS, which underscores its technical sophistication.

Information security

fromThe Hacker News

1 week ago

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

North Korea–linked actors used ClickFix lures to deliver BeaverTail and InvisibleFerret malware to non-developer cryptocurrency, retail, and Web3 roles via fake hiring platforms.

fromTheregister

2 weeks ago

FileFix attacks trick victims into executing infostealers

FileFix is a variation on ClickFix, a newish type of social-engineering technique first spotted last year that tricks victims into running malware on their own devices using fake fixes and login prompts. These types of attacks have surged by 517 percent in the past six months, according to researchers at antivirus and internet security software vendor ESET, making them second most common attack vector behind phishing.

Information security

fromTheregister

3 weeks ago

Double trouble with CastleRAT malware, now in C and Python

TAG-150 created CastleRAT in Python and C, using ClickFix social engineering to trick users into pasting commands that enable remote access and payload delivery.

Information security

fromThe Hacker News

1 month ago

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

ShadowCaptcha uses compromised WordPress sites and fake CAPTCHA pages with ClickFix social engineering to deliver stealers, ransomware, and cryptocurrency miners.

#cybersecurity

fromThe Hacker News

1 month ago