Australian Cyber Security Centre Warns of ClickFix Attacks Targeting U.S. Infrastructure
The Australian Cyber Security Centre (ACSC) has issued a warning about a malicious cyber campaign that uses the ClickFix social engineering technique to deploy the Vidar Stealer malware. The campaign targets infrastructure and organizations across various sectors, including those in the United States. Vidar Stealer is an infostealer that primarily affects Microsoft Windows users and aims to extract sensitive information such as usernames, passwords, credit card details, cryptocurrency wallets, browser history, and multi-factor authentication tokens. The malware has been active since 2018 and is distributed through compromised WordPress sites. These sites redirect users to malicious sites using ClickFix tactics, which involve fake CAPTCHA verification prompts that trick users into executing harmful commands. Once deployed, Vidar Stealer employs defense-evasion techniques, including self-deletion of the initial executable, allowing it to persist in memory and evade detection.