Cybersecurity researchers have uncovered malware campaigns using ClickFix social engineering tactics to deploy Amatera Stealer and NetSupport RAT, tracked under the name EVALUSION. These campaigns involve sophisticated evasion techniques and targeted phishing methods to steal sensitive data and remote control systems. #Amatera #ClickFix #EVALUSION #NetSupport
Keypoints
- Amatera Stealer evolved from ACR (AcridRain) malware and is sold via subscription plans.
- The malware features advanced evasion methods like WoW64 SysCalls to bypass security tools.
- ClickFix attacks utilize Windows Run dialog, mshta.exe, and PowerShell scripts to download payloads.
- Phishing campaigns distribute malware using fake websites, emails, and obfuscated scripts.
- Attacks include credential theft, remote access via NetSupport RAT, and targeted information exfiltration.
Read More: https://thehackernews.com/2025/11/new-evalusion-clickfix-campaign.html