Cofense

From Fake Amazon Security Alert to HarborWatch Agent: ClickFix Delivery of a Custom Monitoring RAT

phishing

By: Dylan Main, Cofense Phishing Defense Center Threat actors do not always need to compromise a major company to weaponize its trust; they simply need to borrow its name. In the following campaign threat, cybercriminals utilize social engineering, lookalike domains, and fake verification tactics to turn a routine security alert into a ClickFix malware delivery with the goal of convincing recipients to unknowingly infect themselves. The Cofense Phishing Defense Center has identified an Amazon-th...

https://cofense.com/blog/from-fake-amazon-security-alert-to-harborwatch-agent-clickfix-delivery-of-a-custom-monitoring-rat