Contact
OpenCTI Live Threat Report Feed

ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery

NetmanageIT OpenCTI - opencti.netmanageit.com

Daniel Bender

1 min read
ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery



SUMMARY :

ClearFake is a malicious JavaScript framework deployed on compromised websites to deliver malware through drive-by downloads. Threat Actors compromise legitimate websites, injecting malicious JavaScript code that redirects users to convincing fake update pages for browsers like Chrome and Edge. These pages prompt users to download updates hosted on platforms such as Dropbox and OneDrive, which actually contain malware payloads. Notably, since late September, ClearFake has altered its code injection tactics, now utilizing smart contracts from the Binance Smart Chain.

OPENCTI LABELS :

blockchain,javascript,clearfake,browserupdate,wateringhole


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery