Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware
FlutterShell is linked to previous malvertising campaigns including TamperedChef.
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1189 — Drive-by Compromise (Initial Access)
Clear filter13 articles found
Malicious Ads Target macOS Users with FlutterShell Backdoor
Hackers are leveraging large-scale malvertising campaigns to distribute a newly identified macOS backdoor dubbed FlutterShell, marking a significant evolutio...
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell....
Malicious ChatGPT Download Website Tricks Users via Sponsored Search Listings
Threat actors are abusing paid search ads to push a fake ChatGPT download site, underscoring how malvertising is increasingly used to target users who trust ...
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.
Tracking TamperedChef Clusters via Certificate and Code Reuse
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Track...
Trapdoor Android Ad Fraud Ring Abuses 455 Apps for Fake Clicks
A large-scale Android ad fraud campaign named “Trapdoor,” exposing a sophisticated ecosystem built on 455 malicious apps and 183 command-and-control (C2) dom...
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, p...
Fake Claude Campaign Uses PlugX-Style DLL Sideloading Chain
Hackers are abusing a fake Claude AI download site to deliver a PlugX‑style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed “Beag...
macOS Malware Abuses Google Ads and Claude Shared Chats to Deliver Payloads
Threat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats...
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign.
Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices.
AI-aided malvertising: Exploiting a chatbot to spread scams
Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.