Fake Google and Cloudflare verification pages spread multiple malware families


ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices.

A single mistake can install malware that steals passwords and other sensitive data, gives attackers remote access to your computer, or downloads additional malware that can take full control of your system.

We uncovered multiple campaigns using the same infrastructure to deliver malware including HijackLoader, StealC, Remus, Amatera Stealer, CastleLoader, NetSupport, and a Rust-based stealer.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • The Unseen Layers: Exploring The Tactics Of Multistage .NET Malware Packers

    November 27, 2023

    Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot, AgentTesla etc. In the ever-evolving landscape of cybersecurity threats, malicious actors continue to develop sophisticated techniques to compromise systems and exploit vulnerabilities. One such method gaining prominence is the ...

  • Ransomware ‘catastrophe’ at Fidelity National Financial causes panic with homeowners and buyers

    November 27, 2023

    Last Tuesday, Fidelity National Financial, or FNF, a real estate services company that bills itself as the “leading provider of title insurance and escrow services, and North America’s largest title insurance company,” announced that it had experienced a cyberattack. Since then, homeowners who have mortgages and prospective buyers who are purchasing properties with FNF or one ...

  • Gulf Air hit with data breach, customer data possibly affected

    November 27, 2023

    Gulf Air, the national air carrier for the Kingdom of Bahrain, has confirmed suffering a data breach which most likely resulted in hackers stealing sensitive customer information. The company confirmed the news via a press release shared with local media highlighting a “data breach incident” on November 24, possibly resulting in the compromise of “some information ...

  • New Jersey: Montclair, Westwood Hospitals Divert Ambulances After Cyber Attack

    November 27, 2023

    Two hospitals in North Jersey are diverting ambulances from their emergency rooms after a cyber attack, authorities confirmed Monday. The attack impacted the computer systems at Mountainside Medical Center in Montclair, and Pascack Valley Medical Center in Westwood. Read more… Source: MSN News  

  • Foreign spy conducts cyberattacks against China’s defense, high-tech firm

    November 27, 2023

    China’s Ministry of State Security (MSS) disclosed a new case on Monday of foreign espionage activities involving the recruitment of a Chinese software developer who provided “technical services.” This spy agency used “poisoned” software to conduct cyberattacks and steal secrets from dozens of China’s defense and high-tech enterprises. Wang, a Chinese engineer in the network technology ...

  • The Dark Side of AI: Large-Scale Scam Campaigns Made Possible by Generative AI

    November 27, 2023

    Generative artificial intelligence technologies such as OpenAI’s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space. Read more… Source: Sophos