Fake Google and Cloudflare verification pages spread multiple malware families


ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices.

A single mistake can install malware that steals passwords and other sensitive data, gives attackers remote access to your computer, or downloads additional malware that can take full control of your system.

We uncovered multiple campaigns using the same infrastructure to deliver malware including HijackLoader, StealC, Remus, Amatera Stealer, CastleLoader, NetSupport, and a Rust-based stealer.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Ring doorbell owners warned of bank raiding attack as thieves target Brits

    March 21, 2024

    Home security gadgets like Ring doorbells are increasingly being targeted by cyber crooks and their nasty phishing campaigns. Cybersecurity experts at Trustwave have warned Ring customers – and owners of similar gadgets from other brands – that home security tech is being used against the people its supposed to protect. Read more… Source: The Sun  

  • China’s MSS publicizes typical case to remind public of overseas cyber ransom attacks

    March 21, 2024

    China’s national security authorities publicized on Thursday a typical case of cyber ransom attacks to help raise public awareness over online blackmail and attacks from overseas, which not only affects social stability and economic development but also threatens China’s national security and interests. A Chinese high-tech company recently filed a report through the hotline 12339 about ...

  • Android malware, Android malware and more Android malware

    March 20, 2024

    Among the mobile platforms, Android remains the most popular target operating system for cybercriminals. Last month, Kaspersky wrote a total of four private crimeware reports on Android malware, three of which are summarized below. Tambir Tambir is an Android backdoor that targets users in Turkey. It disguises itself as an IPTV app, but does not manifest any ...

  • Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

    March 20, 2024

    Cybercriminals use social engineering during holidays and important events like tax season to steal user information. Microsoft Threat Intelligence tax season report outlines some of the various techniques that threat actors use to craft their campaigns and mislead taxpayers into revealing sensitive information, making payments to fake services, or installing malicious payloads. These include phishing emails, ...

  • The ‘AT&T breach’ – what you need to know

    March 20, 2024

    Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for ...

  • UK: Criminal investigation into council cyber attack

    March 20, 2024

    Ccriminal investigation has started into a cyber attack that has disrupted Leicester City Council’s systems for more than a week. The council said it could not comment on the nature of the incident while the investigation was ongoing. It told the Local Democracy Reporting Service it still could not say if there had been a data ...