Summary:
- New Malware Campaign: A ClickFix campaign lures users to fraudulent Google Meet conference pages that display fake connectivity errors and deliver info-stealing malware for Windows and macOS systems.
- Social Engineering Tactic: The ClickFix method, first noted in May by Proofpoint, impersonates error messages from software such as Google Chrome, Microsoft Word, and OneDrive to lure victims into executing harmful PowerShell commands.
- Malware Variants: Victims who follow these instructions may inadvertently install various types of malware, including DarkGate, Matanbuchus, NetSupport, and Lumma Stealer, among others.
- Increased Frequency: Reports indicate that ClickFix campaigns have become more common, especially in the United States and Japan. They have evolved to use Google Meet as a lure and to target specific industries through phishing emails.
- Threat Actor Groups: Recent analyses attribute these campaigns to two threat groups, Slavic Nation Empire (SNE) and Scamquerteo, which are linked to larger cryptocurrency scam operations.
Read more at: BleepingComputer