Lucene search
K

7 matches found

Malwarebytes
Malwarebytes
added 5 days ago18 views

Fake Google and Cloudflare verification pages spread multiple malware families

Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...

6.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/09 1:7 p.m.6 views

Fake Claude Code install pages hit Windows and Mac users with infostealers

Attackers are cloning install pages for popular tools like Claude Code and swapping the “one‑liner” install commands with malware, mainly to steal passwords, cookies, sessions, and access to developer environments. Modern install guides often tell you to copy a single command like curl...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/27 2:38 p.m.8 views

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization App-V script to distribute an information stealer called Amatera. "Instead of launching PowerShell directly, the attacker uses this scri...

6.4AI score
Exploits0
HackRead
HackRead
added 2026/01/26 12:1 p.m.5 views

New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer

Another day, another fake CAPTCHA scam, but this one abuses Microsoft’s signed tools...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/17 4:53 p.m.6 views

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this month, is being tracked by eSentire under the moniker EVALUSION. First spotted in June 2025, Amatera is...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/26 4:40 p.m.6 views

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader , which is then used to drop Amatera Stealer and PureMiner. "The phishing emails contain malicious Scalable Vector Graphics SVG files designed to trick recipients into opening...

6.6AI score
Exploits0
HackRead
HackRead
added 2025/09/26 2:25 p.m.5 views

Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner

FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer data theft and PureMiner cryptojacking to Windows PCs...

7AI score
Exploits0
Rows per page
Query Builder