
Sign up to save your podcasts
Or


Today we are joined by Ben Folland, Security Operations Analyst from Huntress, discussing their work on "ClickFix Gets Creative: Malware Buried in Images." This analysis covers a ClickFix campaign that uses fake human verification checks and a realistic Windows Update screen to trick users into manually running malicious commands.
The multi-stage attack chain leverages mshta.exe, PowerShell, and .NET loaders, ultimately delivering infostealers like LummaC2 and Rhadamanthys, with payloads hidden inside PNG images using steganography. While technically sophisticated, the campaign hinges on simple user interaction, underscoring the importance of user awareness and controls around command execution.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
By N2K Networks4.8
10061,006 ratings
Today we are joined by Ben Folland, Security Operations Analyst from Huntress, discussing their work on "ClickFix Gets Creative: Malware Buried in Images." This analysis covers a ClickFix campaign that uses fake human verification checks and a realistic Windows Update screen to trick users into manually running malicious commands.
The multi-stage attack chain leverages mshta.exe, PowerShell, and .NET loaders, ultimately delivering infostealers like LummaC2 and Rhadamanthys, with payloads hidden inside PNG images using steganography. While technically sophisticated, the campaign hinges on simple user interaction, underscoring the importance of user awareness and controls around command execution.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices

188 Listeners

2,009 Listeners

1,657 Listeners

369 Listeners

375 Listeners

1,534 Listeners

648 Listeners

317 Listeners

421 Listeners

8,051 Listeners

178 Listeners

313 Listeners

192 Listeners

73 Listeners

136 Listeners