Tag
high
advisory
ClickFix 'BackgroundFix' Campaign Delivers CastleLoader, NetSupport RAT, and CastleStealer
2 rules 3 TTPs 1 IOCThe 'BackgroundFix' ClickFix campaign uses social engineering to trick victims into downloading malware disguised as a free image-editing tool, leading to the deployment of CastleLoader, NetSupport RAT for remote access, and CastleStealer for credential theft.
Microsoft Windows +2
clickfix
malware
social-engineering
rat
infostealer
castleloader
netsupport
2r
3t
1i
high
advisory
DeepLoad Malware Distributed via ClickFix
2 rules 3 TTPsThe DeepLoad malware steals credentials, installs malicious browser extensions, spreads via USB drives, and is being distributed via ClickFix campaigns using PowerShell loaders.
deepload
clickfix
credential-theft
windows
2r
3t