PowerShell Scripts in Phishing Campaigns
The NJCCIC observed two new phishing campaigns utilizing PowerShell scripts to drop multiple malicious payloads. One campaign, dubbed ClickFix, launched by a threat actor identified as TA571 which was also behind the recently observed DarkGate phishing campaign.