Cybersecurity Chaos: ClickFix Scams Unleash Amatera Stealer and NetSupport RAT

Cybersecurity researchers have uncovered the EVALUSION campaign, in which the ClickFix tactic tricks users into launching Amatera Stealer and NetSupport RAT. These sneaky tactics involve bogus reCAPTCHA verifications leading to PowerShell mischief. Amatera, an evolved stealer, is the malware equivalent of a Swiss Army knife, exfiltrating data with flair and finesse.

Hot Take:

Cybercriminals are getting more creative than a kindergarten art class! The latest malware campaigns, featuring the sinister ClickFix tactic, have evolved to deploy Amatera Stealer and NetSupport RAT, proving that hackers never take a vacation. They’re as persistent as a mosquito in summer, and twice as annoying!

Key Points:

– ClickFix is the latest social engineering trick, fooling users into running malicious commands through bogus CAPTCHA checks.
– Amatera Stealer, an evolution of ACR Stealer, targets a wide array of data sources and uses advanced evasion techniques.
– The malware is spread using a multi-step process involving PowerShell scripts and the PureCrypter loader.
– Phishing campaigns using ClickFix are targeting users with fake invoices, compromised websites, and bogus booking sites.
– Obfuscation techniques, like those used by Cephas, are employed to evade detection by anti-phishing scanners.
