Security News > 2023 > May > Cloned CapCut websites push information stealing malware

Cloned CapCut websites push information stealing malware
2023-05-20 15:08

A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting victims.

Threat actors exploit this by creating websites that distribute malware disguised as CapCut installers.

The malicious websites were discovered by Cyble, which reports seeing two campaigns distributing different malware strains.

No specific information about how victims are directed on these sites was provided, but typically, threat actors use black hat SEO, search ads, and social media to promote the sites.

The first campaign spotted by Cyble's analysts uses fake CapCut sites featuring a download button that delivers a copy of the Offx Stealer on the user's computer.

The second campaign involving fake CapCut sites drops a file named 'CapCut Pro Edit Video.


News URL

https://www.bleepingcomputer.com/news/security/cloned-capcut-websites-push-information-stealing-malware/