A Social Engineering Tactic to Deploy Malware

July 15, 2024, 3:26 p.m.

Description

McAfee Labs uncovered a sophisticated social engineering technique, dubbed 'ClickFix,' for deploying malware such as DarkGate and Lumma Stealer. Victims are lured to compromised websites displaying error messages with instructions to paste scripts in PowerShell, facilitating malware downloads and execution. This deceptive tactic exploits users' trust by masquerading as legitimate error prompts, tricking them into unknowingly executing malicious code that compromises their systems.

Date

Published: July 15, 2024, 3:12 p.m.
Created: July 15, 2024, 3:12 p.m.
Modified: July 15, 2024, 3:26 p.m.

Indicators

Attack Patterns

Lumma Stealer

DarkGate

T1223

T1568

T1588

T1490

T1608

T1564.003

T1137

T1059.001

T1204.002

T1486

T1564

T1547

T1218

T1105

T1204

T1140

T1027

T1112

T1059