Product

Microsoft Windows

2 briefs RSS

ClickFix 'BackgroundFix' Campaign Delivers CastleLoader, NetSupport RAT, and CastleStealer

The 'BackgroundFix' ClickFix campaign uses social engineering to trick victims into downloading malware disguised as a free image-editing tool, leading to the deployment of CastleLoader, NetSupport RAT for remote access, and CastleStealer for credential theft.

Microsoft Windows +2 clickfix malware social-engineering rat infostealer castleloader netsupport

2r 3t 1i 4d ago

medium advisory

Registry Persistence via AppInit DLL Modification

2 rules 2 TTPs

Modification of the AppInit DLLs registry keys on Windows systems allows attackers to execute code in every process that loads user32.dll, establishing persistence and potentially escalating privileges.

Microsoft Windows +6 persistence defense-evasion appinit-dlls registry windows

2r 2t Jan 3, 2024