Lampion Is Back With ClickFix Lures

SUMMARY :

A highly focused malicious campaign targeting Portuguese organizations, particularly in government, finance, and transportation sectors, has been uncovered. The campaign is linked to Lampion malware, an infostealer focusing on banking information. The threat actors have incorporated ClickFix lures, a social engineering technique that tricks victims into executing malicious commands. The infection chain involves multiple stages of obfuscated Visual Basic scripts, evasion techniques, and a complex execution method. While the final payload was not delivered in this instance, the campaign demonstrates the threat actors' adaptation and sophistication. The article emphasizes the importance of enhanced detection capabilities and provides recommendations for security practitioners to address this evolving threat.

OPENCTI LABELS :

powershell,social engineering,infostealer,obfuscation,vbscript,clickfix,lampion


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Lampion Is Back With ClickFix Lures