Articles with #ClickFixPhishing

Showing 2 of 2 articles

New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint

BleepingComputer on 2025-03-03 18:33:52 in hacking

#ClickFixPhishing #HavocC2Attack #MicrosoftSharepointExploit #CybersecurityThreats #SoftwareUpdateScam #PhishingCampaigns #MalwareDeployment #DataBreachRisk #NetworkSecurityMatters #InfoSecTips #ProtectYourData #SecureYourSystem #StaySafeOnline #CybersecurityAwareness #TechSafetyFirst

Discussion Points

r.
The information provides valuable insights for those interested in AI.
Understanding AI requires attention to the details presented in this content.

Summary

A recent discovery has revealed a sophisticated phishing campaign exploiting vulnerabilities in user behavior to execute malicious PowerShell commands. This allows attackers to gain unauthorized access to compromised devices, potentially leading to significant data breaches and disruption of operations.The attackers' tactics involve tricking victims into executing malicious scripts, which in turn deploy the Havok post-exploitation framework.

This framework provides remote access to compromised devices, enabling attackers to establish a persistent presence and conduct further malicious activities.To mitigate this risk, it is essential for individuals and organizations to remain vigilant and take proactive measures. This includes implementing robust security controls, conducting regular awareness training on phishing campaigns, and ensuring that all software and systems are up-to-date with the latest security patches.

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised device...

Read Full Article »

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

The Hacker News on 2025-03-03 15:00:00 in hacking

#ClickFixPhishing #HavocC2 #SharePointMalware #CybersecurityThreats #MalwareSpreading #OpenSourceC2 #MicrosoftGraphAPI #PhishingCampaigns #SecurityAlert #OrganizationsAtRisk #MalwarePrevention #EmailFiltering #StaySafeOnline #CybersecurityAwareness #HavocDemon

Discussion Points

r.
The information provides valuable insights for those interested in research.
Understanding research requires attention to the details presented in this content.

Summary

A new phishing campaign has been identified by cybersecurity researchers, utilizing the ClickFix technique to spread an open-source command-and-control framework called Havoc. This technique allows threat actors to evade detection and delivers malware through a SharePoint site.

The malicious payload is then communicated using a modified version of the Havoc Demon framework, combined with the Microsoft Graph API.The use of a legitimate platform like SharePoint to host the malware makes it difficult to detect, as it blends in with trusted and well-known services. This sophistication highlights the need for improved cybersecurity practices and increased awareness among individuals and organizations.The involvement of the Microsoft Graph API in this campaign is particularly concerning, as it suggests that threat actors are becoming more adept at utilizing legitimate tools and APIs to deliver malicious communications.

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat ac...

Read Full Article »