A Social Engineering Tactic to Deploy Malware
July 15, 2024, 3:26 p.m.
Description
McAfee Labs uncovered a sophisticated social engineering technique, dubbed 'ClickFix,' for deploying malware such as DarkGate and Lumma Stealer. Victims are lured to compromised websites that display error messages with instructions to paste scripts into PowerShell; running the pasted script downloads and executes the malware. The tactic exploits users' trust by masquerading as a legitimate error prompt, tricking them into unknowingly executing malicious code that compromises their systems.
Tags
Date
- Created: July 15, 2024, 3:12 p.m.
- Published: July 15, 2024, 3:12 p.m.
- Modified: July 15, 2024, 3:26 p.m.
Indicators
Attack Patterns
- Lumma Stealer
- DarkGate
- T1223
- T1568
- T1588
- T1490
- T1608
- T1564.003
- T1137
- T1059.001
- T1204.002
- T1486
- T1564
- T1547
- T1218
- T1105
- T1204
- T1140
- T1027
- T1112
- T1059