#clipboard

APT36-Style ClickFix Attack Spoofs Indian Ministry to Target Windows & Linux

A recent campaign attributed to APT36 has been observed spoofing India's Ministry of Defence to deliver cross-platform malware. The attackers used a ClickFix-style infection chain, mimicking government press releases and leveraging a compromised .in domain for payload staging. The campaign targeted both Windows and Linux users, employing clipboard-based execution techniques. On Windows, the attack utilized mshta.exe to execute a heavily obfuscated HTA file, while on Linux, it attempted to execute a shell script. The tradecraft observed, including government-themed lures, HTA-based delivery, and decoy documents, aligns with known APT36 tactics. This activity demonstrates the continued evolution of ClickFix techniques in new contexts.

Pulse ID: 681a65ede3e45431290ce415
Pulse Link: otx.alienvault.com/pulse/681a6
Pulse Author: AlienVault
Created: 2025-05-06 19:41:33

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


@ai6yr @briankrebs OFC this targets #TechIlliterates and the only effective means here are:

  1. Teach #TechLiteracy instead of consumerism.
  2. Mandate #confirmation & #notification - #PopUp|s for every use of #Clipboard (similar to #webcam use by websites)...
  3. Ban #JavaScript - seriously!
  4. Ban #Windows, because it's a #Govware, especially since #Windows10 and even more so on #Windows11 that is *insecure in every configuration!
  5. Put #TechIlliterates before a system they can't feck up. I.e. @tails_live @tails / #Tails for that reason alone (can't run such commands if they neither got #root nor any #persistent #storage to target).
  6. Normalize the use of @torproject #TorBrowser!
  7. #Teach #tech #literacy instead of #consumerism!
  8. Ban #GAFAMs and their shitty products!
  9. Migrate every #TechIlliterate to #Linux and don't give them administrative privileges.
  10. Teach tech literacy instead of consumerism!

If any of you are using Helix Editor and wondering why copying/pasting from the system clipboard (space+y) isn’t working as it should, make sure you have wl-clipboard installed if you’re running Wayland.

(You’re running Wayland if your Linux distribution is Fedora or Ubuntu or Suse, etc.)

If running Fedora Silverblue-esque distributions:

rpm-ostree install wl-clipboard

(This includes Universal Blue, it’s not available under brew, you have to layer it.)

I've lived with it for so long that I mostly just accept it, but WHY doesn't #Excel use the system #clipboard for cut-and-paste between cells like any sensible application would?

Why does it forget what you copied as soon as you do anything else?

It must have some kind of local variable that holds a nullable source from which to paste and then null it whenever anything else gets selected, but why? The system clipboard can handle tabular data representations because it sort of works elsewhere.