Fake Windows Activation (MAS) Domain Spreads Malware

The popular Microsoft Activation Scripts (MAS) tool has been impersonated by a fake domain appearing high in search results. Users attempting to download the script instead receive malicious PowerShell software that steals data and allows remote control. This is a classic example of “SEO poisoning,” where attackers manipulate search engines to lead victims to malicious sites. Source: https://mkd-cirt.mk/lazen-domen-za-aktivacija-na-windows-mas-koristen-za-sirene-powershell-maliciozen-softver/ Bleeping Computer – Fake MAS Windows activation domain used to spread PowerShell malware Bleeping Computer

ClickFix: Fake Windows Update Screen

A new attack type called ClickFix tricks users by displaying a fake screen that looks like a legitimate Windows Update. Instead of updating the system, the page instructs the user to press a specific key combination or copy a code into the PowerShell console. By doing so, the user unknowingly infects their own system. Windows never requires users to manually execute code from websites for updates. Source: https://mkd-cirt.mk/clickfix-napad-koristi-lazen-ekran-za-windows-update-za-sirene-maliciozen-softver/ Bleeping Computer – ClickFix attack uses fake Windows Update screen to push malware Bleeping Computer