Threat Research

Attackers are leveraging a social engineering technique called ClickFix—which tricks users into manually executing malware—and are now packaging it into phishing kits for easy use. One such kit, the IUAM ClickFix Generator, automates the creation of deceptive phishing pages that mimic browser verification screens....

The ClickFix HijackLoader phishing campaign highlights the growing threat of attack loaders in modern cyberattacks. Since mid-2025, attackers have used ClickFix to trick victims into downloading malicious .msi installers, leading to the execution of HijackLoader—a sophisticated Malware-as-a-Service tool....

A new loader has been identified leveraging the Pascal scripting engine in Inno Setup. It is used to distribute infostealers such as LummaC2, DeerStealer, Rhadamanthys, and StealC. Typically spread via fake application websites, the loader features anti-VM capabilities, XOR-based string encryption, and retrieves payloads from TinyURL using an authentication token....