Cut & Paste Tactics Import Malware to Unwitting Victims

June 18, 2024 at 02:40PM Threat actors are using fake browser updates and error messages to trick users into pasting malicious PowerShell scripts, leading to malware infections. Researchers from Proofpoint identified two social engineering methods and observed the use of PowerShell in various campaigns, indicating a trend of creative attack chains. Mitigation includes user awareness … Read more

Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware

June 3, 2024 at 12:00AM Fake web browser updates are distributing remote access trojans (RATs) and info stealer malware like BitRAT and Lumma Stealer. Cybersecurity firm eSentire reported that attackers use bogus browser update lures to deliver malware. Attack chain involves booby-trapped sites, Discord-hosted ZIP archives, and PowerShell scripts. Threat actors also employ webhards and … Read more