Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery
The Hacker News
Read the original article at The Hacker News
ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake "prove you're human" pages are now handed out by API-driven servers that give each visitor the same malware in a different disguise. The...
Red Team Relevance
What does this mean for your next assessment?
- Initial access possible? Unclear
- Privilege escalation relevant? Yes
- Exploit publicly available? Unclear
- Detection / logging testable? Yes
- Suitable for a purple-team scenario? Unclear
Customer questions
- Do we have Windows reachable externally?
- Can we detect Resource Development?
MITRE ATT&CK Kill Chain (4 techniques)
Resource Development