CP
cyberpings
Malware & RansomwareHIGH

MIMICRAT Alert: New RAT Delivered via Compromised Websites

ELElastic Security LabsFeb 20, 2026
MIMICRATClickFixmalwareElastic Security Labs
🎯

Basically, hackers are using safe websites to sneak in dangerous software that steals information.

Quick Summary

A new ClickFix campaign is using compromised websites to deliver MIMICRAT malware. This affects anyone who visits these sites, risking personal data theft. Stay updated and cautious to protect yourself from this emerging threat.

What Happened

A new threat has emerged that could put your personal information at risk. Elastic Security Labs recently uncovered a ClickFix campaign that uses compromised legitimate websites to deliver malware. This malware is a custom remote access trojan (RAT)? known as MIMICRAT, which can steal sensitive information and control infected devices.

The ClickFix campaign? operates through a five-stage delivery chain. It starts by compromising trustworthy websites, making it difficult for users to suspect anything is wrong. Once a user visits one of these sites, the malware is delivered, leading to the installation of MIMICRAT on their device. This RAT is particularly dangerous because it features malleable command and control (C2)? capabilities, allowing attackers to change how they control the malware without needing to update the infected software directly.

Why Should You Care

You might think that visiting a legitimate website is safe, but this incident shows that even trusted sites can be compromised. Your personal data, like passwords and credit card information, could be at risk if you unknowingly download this malware. Imagine your home being invaded, but the intruder used your front door, which you thought was locked and secure.

This threat is not just for tech-savvy individuals; anyone who uses the internet can be affected. If you use online banking or shop on e-commerce sites, you need to be extra cautious. The consequences of falling victim to such attacks can be severe, leading to identity theft or financial loss. Stay vigilant and protect your digital life.

What's Being Done

Security experts are actively investigating the ClickFix campaign? to mitigate its impact. Here are a few steps you can take to protect yourself:

  • Keep your software updated: Regular updates can patch vulnerabilities that attackers exploit.
  • Use reputable security software: This can help detect and block threats before they reach your device.
  • Be cautious with links: Avoid clicking on suspicious links, even if they appear on legitimate sites.

Experts are watching to see how this campaign evolves and whether new delivery methods emerge. Staying informed is key to keeping your information safe.

💡 Tap dotted terms for explanations

🔒 Pro insight: The malleable C2 capabilities of MIMICRAT suggest a shift towards more adaptable malware delivery methods, raising concerns for future attacks.

Original article from

Elastic Security Labs

Read Full Article

Share

Related Pings

HIGHMalware & Ransomware

ClickFix Attackers Evolve Tactics to Bypass Security Measures

Microsoft warns about a new ClickFix phishing tactic. Attackers are tricking users into executing harmful commands via Windows Terminal. This method can compromise your data and security. Stay alert and educate yourself on these evolving threats!

CSO Online·Yesterday, 9:15 PM
HIGHMalware & Ransomware

Fake Google Meet Update Gives Attackers Control of Your PC

A fake Google Meet update is tricking users into giving hackers control of their PCs. This poses a serious risk to personal and sensitive data. Stay vigilant and avoid suspicious update prompts to protect yourself.

Malwarebytes Labs·Yesterday, 7:35 PM
HIGHMalware & Ransomware

Spyware Masquerades as Emergency App Targeting Israeli Smartphones

Israeli smartphones were targeted by spyware disguised as an emergency app. This deceptive tactic puts personal data at risk. Stay vigilant and verify app legitimacy to protect your privacy.

The Register Security·Yesterday, 6:56 PM
HIGHMalware & Ransomware

Metasploit Update: New Exploits and Enhanced Control Features

Metasploit has launched a new update with powerful exploits and features. Users of Tactical RMM and MajorDoMo are particularly at risk. Stay ahead of potential attacks by updating your systems and reviewing security measures.

Rapid7 Blog·Yesterday, 6:28 PM
HIGHMalware & Ransomware

New ClickFix Attack Uses Windows Terminal for Malicious Payloads

A new wave of ClickFix attacks targets Windows Terminal to deliver malicious payloads. Users are at risk of unauthorized access and data theft. Stay cautious and keep your software updated to protect yourself.

Cyber Security News·Yesterday, 6:05 PM
HIGHMalware & Ransomware

AI-Powered Malware: Transparent Tribe Targets India

A hacking group is using AI to create malware targeting India. This mass production of implants could compromise personal data and financial security. Experts recommend updating software and using strong passwords to protect against these threats.

The Hacker News·Yesterday, 3:11 PM