FileFix attacks trick victims into executing infostealers

"FileFix is a variation on ClickFix, a newish type of social-engineering technique first spotted last year that tricks victims into running malware on their own devices using fake fixes and login prompts. These types of attacks have surged by 517 percent in the past six months, according to researchers at antivirus and internet security software vendor ESET, making them second most common attack vector behind phishing."
"Acronis' Threat Research Unit discovered the FileFix attack in late August, and told The Register that it's the first in-the-wild example that doesn't strictly follow the original proof-of-concept (PoC) attack demonstrated by a researcher known as "mr.d0x" in July. "I've seen samples pop up on the 13th, which is a couple of days ago," Acronis senior researcher Eliad Kimhy told The Register, noting a burst of VirusTotal file submissions and phishing sites associated with this attack."
The FileFix campaign masquerades as a Facebook security alert and delivers the StealC infostealer alongside a malware downloader. FileFix is a variation of the ClickFix social-engineering technique, which tricks victims into running commands themselves by copying and pasting text into Windows Run or File Explorer. According to ESET, ClickFix-style attacks have surged 517 percent in six months, becoming the second most common attack vector after phishing. Acronis' Threat Research Unit identified an in-the-wild FileFix instance in late August and observed global VirusTotal submissions and multilingual phishing pages, suggesting widespread targeting and evolving attacker infrastructure.
Read at The Register