Proofpoint

Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape

Proofpoint researchers have identified an increase in the use of ClickFix, a social engineering technique that uses dialogue boxes containing fake error messages to trick people into copying, pasting, and running malicious content on their own computer.

Royal Mail-Themed Lures Deliver Open Source Prince Ransomware

Hackers posed as the UK's Royal Mail to spread Prince ransomware in a destructive campaign that targeted organizations in the US and UK in mid-September. Unlike typical ransomware attacks, this campaign had no decryption methods.

Suspected Espionage Campaign Delivers New Voldemort Malware

The campaign, which targeted organizations worldwide, involved impersonating tax authorities from various countries and utilizing Google Sheets for command and control (C2).

TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset

Iran-linked TA453 targeted a religious figure with a fake podcast interview invitation, attempting to deliver the BlackSmith malware toolkit. The initial lure involved an email leading to a malicious link containing the AnvilEcho PowerShell trojan.

Threat Actor Abuses Trial Feature for Cloudflare Tunnels to Deliver RATs

Hackers are exploiting the free TryCloudflare service to distribute remote access trojans (RATs) like AsyncRAT, GuLoader, and Remcos RAT. This activity was first detected in February and has been linked to campaigns targeting various industries.

Security Brief: Scammers Create Fraudulent Olympics Ticketing Websites

Proofpoint has discovered a fraudulent website, paris24tickets[.]com, claiming to sell tickets for the Paris 2024 Summer Olympic Games. The site appeared as the second sponsored search result on Google, but Proofpoint confirmed its fraudulent nature.

Piano Scam Campaigns Trick Students with Advance Fee Fraud

In the scam campaigns, the threat actor purports to offer up a free piano, often due to alleged circumstances like a death in the family. When a target replies, the actor instructs them to contact a shipping company to arrange delivery.

Millions of Messages Distribute LockBit Black Ransomware

The attack chain required user interaction to execute the malicious email attachment, which then initiated a network callout to the Phorpiex botnet infrastructure to download and detonate the LockBit Black ransomware.

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering

To craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing.

Threat Actors Deliver Malware via YouTube Video Game Cracks

Many types of video games appear to be targeted at younger users, including games popular with children, a group that is less likely to be able to identify malicious content and risky online behaviors.
