Fake Google and Cloudflare verification pages spread multiple malware families


ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices.

A single mistake can install malware that steals passwords and other sensitive data, gives attackers remote access to your computer, or downloads additional malware that can take full control of your system.

We uncovered multiple campaigns using the same infrastructure to deliver malware including HijackLoader, StealC, Remus, Amatera Stealer, CastleLoader, NetSupport, and a Rust-based stealer.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Bermuda: Governor Confirms A ‘Major Cyber-Attack’

    September 22, 2023

    “Bermuda’s Government IT systems were subjected to a major cyber-attack” and the UK’s National Cyber Security Centre and the National Crime Agency “have been in contact with the Bermuda authorities, and are providing advice to support them,” Governor Rena Lalgie said. The Governor said, “Yesterday Bermuda’s Government IT systems were subjected to a major cyber-attack. That ...

  • Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations

    September 22, 2023

    During the lead up to Ukraine’s counteroffensive, Mandiant and Google’s Threat Analysis Group (TAG) have tracked an increase in the frequency and scope of APT29 phishing operations. Investigations into the group’s recent activity have identified an intensification of operations centered on foreign embassies in Ukraine. Notably, as part of this activity, Mandiant have seen phishing emails ...

  • Emergency update: Apple patches three zero-days

    September 22, 2023

    Apple has released security updates for several products to address a handful of zero-day vulnerabilities that may already have been used by criminals. Updates are available for: iOS 16.7 and iPadOS 16.7 iOS 17.0.1 and iPadOS 17.0.1 watchOS 9.6.3 watchOS 10.0.1 macOS Ventura 13.6 macOS Monterey 12.7 Safari 16.6.1 The updates may already have reached you in your regular update routines, but it ...

  • Air Canada releases statement after brief cyber attack

    September 22, 2023

    Air Canada appears to have been the victim of a cyber attack after the company released a statement regarding the incident on September 21st. According to the statement, an authorized group gained what the company describes as “limited” access to an internal Air Canada system. The system was related to the personal information of both staff ...

  • Overview of IoT threats in 2023

    September 21, 2023

    IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. Statista portal predicts their number will exceed 29 billion by 2030. As connected device numbers increase, so does the need for protection against various threats. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only ...

  • CISA Releases Six Industrial Control Systems Advisories

    September 21, 2023

    CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spectrum Power 7 ICSA-23-264-03 Delta Electronics DIAScreen Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: ISC Releases Security Advisories for BIND 9