ClickFix ‘LightPerlGirl’ Malware Hijacks Clipboards

Security researchers have uncovered a stealthy new variant of the ClickFix LightPerlGirl malware that targets users through PowerShell scripting and clipboard hijacking. The attackers deliver the malicious payload via a compromised travel website, increasing the threat’s reach and complexity. This latest strain focuses on silently injecting the Lumma infostealer into victims’ systems.

The method involves manipulating clipboard content to trick users into executing harmful commands. By leveraging PowerShell, the malware maintains a low profile while executing its functions. The use of a legitimate travel site as a delivery mechanism raises concerns about attackers exploiting trusted platforms to distribute malware.

Researchers warn that the ClickFix LightPerlGirl malware demonstrates an evolution in tactics, favoring stealth over brute force. Its ability to bypass traditional detection tools adds to the urgency for organizations to update their defenses. Security teams should monitor clipboard activity and restrict PowerShell access where possible.

Read the full article here:
https://www.securityweek.com/new-clickfix-malware-variant-lightperlgirl-targets-users-in-stealthy-hack/