“new global scam uses fake meeting links to run powershell malware image: generated via chatgpt bluenoroff hackers used fake zoom calls, clickfix prompts, and fileless powershell malware to steal credentials from web3 and crypto targets. written by joseph ofonagoro apr 30, 2026 a…”
T1555.003 Credentials from Web Browsers
98%
“the role of the first script is to establish an entry point, the second payload immediately attempts to establish persistence by living in the system’s live memory rather than in a file. this technique, as arctic reports, allows it to “evade file-based detection.” to achiev…”
T1059.001 PowerShell
61%
“powershell malware the attack chain begins with spearphishing, which involves impersonating high-profile individuals, typically in the financial technology or legal industries. masking behind these deepfaked identities, the hackers try to get their targets on a call using a fak…”
T1566.002 Spearphishing Link
39%
“powershell malware the attack chain begins with spearphishing, which involves impersonating high-profile individuals, typically in the financial technology or legal industries. masking behind these deepfaked identities, the hackers try to get their targets on a call using a fak…”
T1566.004 Spearphishing Voice
37%
“powershell malware the attack chain begins with spearphishing, which involves impersonating high-profile individuals, typically in the financial technology or legal industries. masking behind these deepfaked identities, the hackers try to get their targets on a call using a fak…”
Summary
BlueNoroff hackers used fake Zoom calls, ClickFix prompts, and fileless PowerShell malware to steal credentials from Web3 and crypto targets.