All news with #stealc tag

New FileFix Variant Delivers StealC via Multilingual Phish

🔍 Acronis researchers warn of a campaign using a FileFix variant to deliver the StealC information stealer via a multilingual, heavily obfuscated phishing site. The lure mimics a Facebook security notice and hijacks the clipboard to implant a multi-stage PowerShell command that victims are tricked into executing through File Explorer. Attackers store encoded payload components as images on Bitbucket, decode them locally with a Go-based loader, and ultimately unpack shellcode that launches StealC. The infrastructure uses junk code, fragmentation and other anti-analysis techniques to evade detection and complicate forensic analysis.

FileFix Steganography Attack Drops StealC Infostealer

🛡️ A new FileFix campaign impersonates Meta support to trick users into pasting a disguised PowerShell command into the File Explorer address bar, which then downloads and executes malware. The attackers hide a second-stage script and encrypted binaries inside a seemingly benign JPG hosted on Bitbucket using steganography. The final payload is the StealC infostealer, designed to harvest browser credentials, messaging logins, crypto wallets, cloud keys and more. Security vendor Acronis observed multiple evolving variants over a two-week period and urges user education on these novel ClickFix/FileFix tactics.