Menace actors are embracing ClickFix, ransomware gangs are turning on one another – toppling even the leaders – and regulation enforcement is disrupting one infostealer after one other
05 Aug 2025
•
,
1 min. learn
“It’s all enjoyable and video games till somebody will get damage” might nicely be the title of the most recent ESET Menace Report, as cybercriminals play new thoughts video games with their victims, wage full-on deathmatches amongst themselves, and change into the hunted recreation of regulation enforcement and personal distributors.
ESET Distinguished Researcher Aryeh Goretsky and Safety Consciousness Specialist Ondrej Kubovič open this installment of the ESET Analysis Podcast by breaking down the most recent cry amongst menace actors: ClickFix. They clarify how this system went from non-existent a yr in the past to the second most prevalent menace immediately, and why it’s so efficient. Additionally they look at a selected instance of this social engineering tactic FakeCaptcha, abusing the well-known human verification mechanism and weaponing it trick victims into executing malicious instructions.
Transferring from rising threats to constructive developments, the second section highlights current regulation enforcement disruptions of infostealers. Noteworthy circumstances from final 12 months embrace takedown of Redline/Meta Stealer in late 2024 and up to date operations towards LummaStealer and Danabot. Aryeh and Ondrej talk about what made these infostealer-as-a-service ventures engaging to associates, the affect of the disruptions, and ESET analysis’s particular contributions to those takedowns.
The ultimate part covers the current “deathmatch”-style infighting within the ransomware scene, that includes the minor participant Dragonforce. Regardless of their missing repute and low sufferer rely, Dragonforce’s operators went on a brazen offensive, defacing the information leak websites (DLS) of a number of rival teams on the darkish internet – together with Mamona and BlackLock – and in the end taking down additionally the DLS of the then-leader, RansomHub.
If ransomware, infostelaers or new social engineering methods are your factor, tune in and subscribe to the ESET Analysis Podcast. For a extra detailed model, obtain the ESET Menace Report H1 2025 from the Menace Reviews part – no paywall or registration required.
Mentioned:
ClickFix and FakeCaptcha 1:05
Whack-a-hack, infostealer model 9:20
Ransomware deathmatch 18:40
