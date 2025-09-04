HackRead reports that intrusions involving a bogus AnyDesk installer and Windows search have been deployed to facilitate MetaStealer malware compromise as part of a new campaign combining the ClickFix and FileFix techniques. Threat actors have been targeting individuals visiting a counterfeit AnyDesk download site with a bogus Cloudflare CAPTCHA prompt that activates Windows File Explorer with a different search query upon activation, enabling the delivery of a malicious file from an attacker-controlled remote server, according to a report from Huntress. Opening the 'Readme Anydesk.pdf' file then downloads the AnyDesk app alongside the MetaStealer payload, without raising suspicion among targets. Aside from exfiltrating login credentials, MetaStealer also pilfers files and cryptocurrency wallet details, Huntress researchers added. Organizations have been urged to bolster user education on cybersecurity scams amid the proliferation of more advanced and stealthy fix schemes combining social engineering and software functionality.
Malware
MetaStealer deployed via fake AnyDesk installer
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related TermsAdware
You can skip this ad in 5 seconds