Security researchers have found fake Gitcode and DocuSign websites distributing remote access trojan (RAT) malware using the infamous ClickFix method.
Experts from DomainTools Investigations (DTI) found “malicious multi-stage downloader PowerShell scripts” hosted on spoofed websites that invite visitors to open the Windows Run dialog and run a script that has been copied to their clipboard. “Upon doing so, the PowerShell script downloads another downloader script and executes on the system, which in turn retrieves additional payloads and executes them, eventually installing NetSupport RAT on the infected machines,” the researchers said in their report.
Source: TechRadar News

