US Edition
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.2 Articles
2 Articles
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where malicious shell commands are executed silently through ActiveXObject(“WScript.Shell”) to facilitate payload delivery. The script leverages Windows Command […] The post Ha…
Hackers Trick Victims into Downloading Weaponized .HTA Files to Install Red Ransomware | #ransomware | #cybercrime - National Cyber Security Consulting
A new wave of ransomware attacks has surfaced in July 2025, leveraging weaponized HTML (.HTA) files to silently deploy the Epsilon Red strain of ransomware. The campaign, which has spread globally, masquerades as innocuous verification pages branded as “ClickFix,” luring users who frequent popular platforms such as Discord, Twitch, Kick, and OnlyFans. By exploiting users’ […] Thank you for subscribing to our RSS feed! The post Hackers Trick Vict…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
