OneClik Malware Hits Energy Sector, Trellix Says
Cybersecurity firm Trellix has uncovered a sophisticated campaign using the OneClik malware, which targets organizations in the energy, oil and gas sectors. The campaign exploits Microsoft’s ClickOnce deployment technology to deliver malicious payloads and evade traditional detection methods. OneClik embeds itself in cloud-hosted environments, enabling attackers to bypass endpoint defenses and persist within compromised networks.
Trellix researchers observed that the malware leverages trusted cloud services to disguise its activity. This approach allows the malware to communicate with command-and-control servers without triggering alerts. OneClik infiltrates through deceptive file downloads and uses cloud infrastructure to mask its origin, making it difficult for security teams to trace.
The campaign’s focus on critical infrastructure highlights the increasing sophistication of cyber threats. Trellix’s findings underscore the need for heightened vigilance in high-value sectors.
Read the full report from Trellix at the official source:
https://industrialcyber.co/ransomware/trellix-details-oneclik-malware-campaign-targeting-energy-oil-and-gas-sectors-using-clickonce-cloud-evasion/
