
SCMBANKER Malware Turns ClickFix Pages Into Operator-Assisted Mexican Banking Fraud
A new Mexican banking fraud operation tracked as REF6045 is taking a highly hands-on approach to stealing financial data. Instead of relying on automated scripts, a human operator actively monitors infected machines using a PowerShell toolkit named SCMBANKER. The attack begins with fake CAPTCHA pages that trick victims into copying and pasting a malicious command. […]
The post SCMBANKER Malware Turns ClickFix Pages Into Operator-Assisted Mexican Banking Fraud appeared first on Cyber Security News.