Social-engineering malware delivery via trusted installation and download paths
Security researchers reported two malware-delivery patterns that abuse user trust in ordinary software-acquisition flows rather than exploiting a specific browser or OS vulnerability: one demonstrated as a proof of concept, one observed in the wild. LayerX demonstrated a proof-of-concept Chrome extension (Totally Innocent Extension) that silently modifies executables as they are downloaded, including from legitimate vendor sites, appending attacker-controlled code without breaking the original application and without requiring additional extension permissions; the implanted code enables follow-on outcomes such as persistence, lateral movement, and data theft. The researchers said the technique highlights gaps in browser extension security controls. Google and Mozilla did not acknowledge it as a product issue, with Google indicating that social-engineering-driven intrusions fall outside its browser threat model.
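The practical defence against an installer that still runs normally after tampering is to compare what landed on disk with what the vendor published. The POSIX shell script below is an added example, not LayerX's proof of concept and not any vendor's tooling. It assumes you already have the installer's SHA-256 digest and byte size from the vendor's own release page, obtained over a separate channel (the vendor publishing a size is itself an assumption; if it does not, drop that argument and keep the digest check). On mismatch it quarantines the file and carves out any bytes beyond the expected size, which is where appended code ends up, so the tail can be analysed instead of executed.

```shell
#!/bin/sh
# Added example, not the original page's code or LayerX's PoC.
# Assumption: EXPECTED_SHA256 and EXPECTED_SIZE come from the vendor's
# release notes, fetched out-of-band (not from the page that served the file).

# Portable SHA-256: coreutils sha256sum on Linux, shasum on macOS.
sha256_of() {
  (sha256sum "$1" 2>/dev/null || shasum -a 256 "$1") | cut -d' ' -f1
}

file_size() {
  wc -c < "$1" | tr -d ' '
}

# verify_download FILE EXPECTED_SHA256 EXPECTED_SIZE
#   returns 0 and prints "OK ..." when digest and size both match;
#   otherwise renames FILE to FILE.quarantine, writes any bytes past
#   EXPECTED_SIZE to FILE.appended, prints "MISMATCH ..." and returns 1.
verify_download() {
  f="$1"; want_hash="$2"; want_size="$3"
  got_hash=$(sha256_of "$f")
  got_size=$(file_size "$f")
  if [ "$got_hash" = "$want_hash" ] && [ "$got_size" = "$want_size" ]; then
    echo "OK $f matches the published digest and size"
    return 0
  fi
  echo "MISMATCH $f: sha256 $got_hash size $got_size (expected size $want_size)"
  if [ "$got_size" -gt "$want_size" ]; then
    extra=$((got_size - want_size))
    # Everything beyond the expected end is the appended payload; keep it for analysis.
    tail -c "$extra" "$f" > "$f.appended"
    echo "carved $extra trailing bytes to $f.appended"
  fi
  mv "$f" "$f.quarantine"
  return 1
}
```

Run it as `verify_download ./Setup.exe <sha256> <bytes>` before double-clicking anything. A digest mismatch on a file that installs and runs cleanly is exactly the signal the page describes: a signature or digest check on the vendor's side is not something an extension sitting in the download path can satisfy unless the vendor's published value is wrong too.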
Separately, Push Security documented InstallFix, a new variant of the ClickFix social-engineering technique in which attackers clone installation pages for popular CLI tools and replace the install steps with malicious copy/paste commands (for example, curl-to-shell one-liners) that fetch payloads from attacker infrastructure. The noted example was a cloned install page for Anthropic's Claude Code CLI that preserved legitimate branding and pointed most links back to the real site, while only the macOS and Windows install instructions delivered malware. The pages were promoted through Google Ads malvertising for searches such as "Claude Code install," raising the likelihood that both developers and non-developers would execute the malicious commands.
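A cloned install page controls both the command and the page that vouches for it, so the check has to come from somewhere else. The POSIX shell functions below are an added example, not Push Security's tooling and not Anthropic's installer: they take a pasted command, pull out every URL, reject any host not on an allowlist, and refuse to let fetched content run before it is written to disk. The allowlist is an assumption to be filled from the vendor's own documentation; the sample commands use `raw.githubusercontent.com` and the lookalike `raw.homabrews.org` from the Homebrew story under Related Stories, plus a constructed attacker host `claude-code-install.example`. `fetch_for_review` assumes curl and either sha256sum or shasum.

```shell
#!/bin/sh
# Added example; not code from the original page, Push Security or Anthropic.
# Assumption: TRUSTED_HOSTS is filled from the vendor's own documentation,
# never from the page that handed you the command.
TRUSTED_HOSTS="raw.githubusercontent.com"

# Patterns that execute what they fetch without ever writing it to disk:
#   curl ... | sh        and        sh -c "$(curl ...)"
REMOTE_EXEC_RE='\|[[:space:]]*(sudo[[:space:]]+)?(ba|z|k|da)?sh([[:space:]]|$)|(ba|z|k|da)?sh[[:space:]]+-c[[:space:]]+.?\$\('

# Print each http(s) URL embedded in a command string, one per line.
extract_urls() {
  printf '%s\n' "$1" | grep -oE "https?://[^[:space:]\"'|;&<>)]+" || true
}

# Reduce a URL to its host: drop scheme, userinfo, port, path; lowercase it.
url_host() {
  printf '%s\n' "$1" | sed -E 's#^https?://##; s#^[^/]*@##; s#[/:?].*$##' \
    | tr '[:upper:]' '[:lower:]'
}

# Exact match only, so raw.githubusercontent.com.evil.example is rejected.
host_trusted() {
  for t in $TRUSTED_HOSTS; do
    [ "$1" = "$t" ] && return 0
  done
  return 1
}

# vet_install_command 'pasted command'
#   prints one verdict line and returns
#   0 ALLOW   no remote fetch, or only trusted hosts and nothing run blind
#   1 DENY    some URL points at a host outside TRUSTED_HOSTS
#   2 REVIEW  trusted host, but the command executes the fetch directly
vet_install_command() {
  cmd="$1"
  bad=""
  for u in $(extract_urls "$cmd"); do
    h=$(url_host "$u")
    host_trusted "$h" || bad="$bad $h"
  done
  if [ -n "$bad" ]; then
    echo "DENY untrusted host:$bad"
    return 1
  fi
  if printf '%s' "$cmd" | grep -qE "$REMOTE_EXEC_RE"; then
    echo "REVIEW fetch to a file, read it, record its digest, then run it"
    return 2
  fi
  echo "ALLOW"
  return 0
}

# The substitute for curl|sh: save the script, print its digest, execute nothing.
# Redirects are refused so a trusted host cannot bounce you to another one.
fetch_for_review() {
  url="$1"; out="${2:-install-script.review}"
  h=$(url_host "$url")
  host_trusted "$h" || { echo "refusing untrusted host $h"; return 1; }
  curl -fsSL --proto '=https' --max-redirs 0 -o "$out" "$url" || return 1
  echo "saved $out from $h; read it before running it"
  (sha256sum "$out" 2>/dev/null || shasum -a 256 "$out")
}
```

The host check runs before the execution-pattern check on purpose: a lookalike host is a hard stop regardless of how the command is shaped, whereas a trusted host with a pipe-to-shell only needs the fetch-then-read detour. Wire `vet_install_command` into a shell alias or a pre-paste hook and keep `TRUSTED_HOSTS` under version control with the rest of your developer-workstation baseline.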
Timeline
Mar 6, 2026
Google says social-engineering intrusions are outside Chrome's threat model
Following LayerX's disclosure, Google reportedly did not acknowledge the issue as a browser security flaw and stated that social-engineering intrusions fall outside Chrome's threat model. Mozilla also reportedly did not acknowledge the issue.
Mar 6, 2026
LayerX demonstrates browser extension download-tampering PoC
LayerX researchers showed that a seemingly benign browser extension could covertly modify downloaded executables in Google Chrome, appending attacker-controlled code without extra permissions or visible warnings. In the demonstration, the extension altered a Spotify installer downloaded from the official website while preserving normal application behavior.
Mar 6, 2026
BleepingComputer confirms malicious Claude Code ads remain active
BleepingComputer verified that sponsored Google search ads promoting the fake Claude Code installation pages were still active at the time of reporting. The ads targeted searches such as "Claude Code install" and "Claude Code CLI" to drive victims to attacker-controlled pages.
Mar 6, 2026
Push Security identifies InstallFix malvertising campaign
Push Security reported a new ClickFix-style social engineering variant dubbed "InstallFix" that uses fake CLI installation pages, notably for Anthropic's Claude Code CLI, to trick users into running malicious terminal commands. The campaign delivers Amatera Stealer and promotes the fake pages through Google Ads while hosting them on legitimate platforms to evade detection.
Related Stories

Social-Engineering Malware Campaigns Targeting End Users via Browser Stores and Fake Installers
Multiple active **social-engineering-driven malware operations** are targeting end users through trusted distribution channels. One campaign, dubbed **GhostPoster**, distributed **17 malicious browser extensions** across *Chrome, Firefox, and Edge* with **840,000+ installs**, using legitimate-sounding names (e.g., “Google Translate in Right Click,” “Youtube Download,” “Ads Block Ultimate”) and evading store reviews for years. The extensions used **steganography** to hide code in PNGs, then extracted payloads to contact attacker infrastructure, enabling credential/data theft, tracking, affiliate-link hijacking, script injection, and HTTP header manipulation to weaken protections. Separately, threat actors are impersonating **Malwarebytes** via trojanized ZIP “installers” (e.g., `malwarebytes-windows-github-io-X.X.X.zip`) and using **DLL sideloading**—pairing a legitimate EXE with a malicious `CoreMessaging.dll`—to execute **infostealers**; reporting highlighted a campaign fingerprint via **behash** `4acaac53c8340a8c236c91e68244e6cb` and distinctive DLL strings used for infrastructure mapping. A different operation identified by CloudSEK involves **“RedLineCyber”** masquerading as an affiliate of “RedLine Solutions” to build credibility inside private **Discord** communities and deliver a Python-based **clipboard hijacker** (often `Pro.exe` / `peeek.exe`) aimed at **cryptocurrency wallet theft**, relying on long-term grooming of high-value targets rather than broad phishing.
1 month ago
ClickFix Social Engineering Drives Multi-Platform Malware Delivery
Security researchers reported multiple active campaigns using **ClickFix** social engineering—fake error dialogs or verification prompts that trick users into manually running attacker-supplied commands—to bypass browser and download protections and establish an initial foothold. In one enterprise case investigated by **CERT Polska (cert.pl)**, victims were lured via compromised websites showing a fake CAPTCHA/“fix” prompt that instructed them to paste and run a **PowerShell** command via `Win+R`; the script then downloaded a dropper and enabled rapid follow-on activity that can scale to **enterprise-wide compromise**, including deployment of secondary malware such as **Latrodectus** and **Supper** for data theft, lateral movement, and potential ransomware staging. A separate ClickFix operation targeted **macOS developers** by cloning the *Homebrew* site on typosquatted infrastructure; the “install” command was subtly altered to fetch content from `raw.homabrews.org` instead of `raw.githubusercontent.com`, leading to **Cuckoo Stealer** deployment and credential harvesting via repeated password prompts using macOS Directory Services, with related domains tied to shared hosting at **`5.255.123.244`**. ClickFix was also observed as the initial execution mechanism for the resurfaced **Matanbuchus 3.0** MaaS loader, which uses deceptive copy/paste prompts and **silent MSI** execution (via `msiexec`) to deliver a new payload, **AstarionRAT**, enabling capabilities including credential theft and **SOCKS5** proxying; operators were reported to move laterally quickly (including toward domain controllers), consistent with ransomware or data-exfiltration objectives.
1 month ago
InstallFix malvertising campaign spreads fake Claude Code installers to deliver Amatera Stealer
Push Security reported a new **ClickFix-style** social-engineering campaign dubbed **InstallFix** that uses **Google-sponsored search ads** to drive developers to near-identical cloned “install” pages for *Anthropic Claude Code* and similar AI coding tools. Victims are prompted to copy/paste terminal commands from the fake pages; executing them installs **Amatera Stealer**, enabling credential theft and potential access to enterprise development environments. Separate reporting highlighted adjacent browser-based tradecraft: a previously legitimate Chrome extension (*QuickLens – Search Screen with Google Lens*) with roughly **7,000 users** was updated to deploy **ClickFix** attacks, strip web security headers, and steal cryptocurrency wallet seed phrases before being removed from the Chrome Web Store. A weekly threat bulletin also noted unrelated incidents (e.g., ransomware and data breaches) and separate AI-themed malicious extensions that harvest LLM chat histories, but those items are not part of the InstallFix/Claude Code malvertising campaign itself.
1 month ago