HackerFeeds

CyberSecurity News

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users

The Hacker News
· July 8, 2026

AI summary

A new malware campaign is targeting Mexican banking users, including those of fintech, payment processors, and cryptocurrency exchanges. The campaign uses ClickFix lures to infect victims, who are deceived into running a malicious command through fake CAPTCHA verification pages. This command installs a PowerShell toolkit, which is part of an activity cluster tracked as REF6045 by Elastic Security Labs. The toolkit is associated with the SCMBANKER malware. The malware operation appears to be focused on committing banking fraud. Elastic Security Labs is monitoring the activity cluster.

Read the full article at The Hacker Newsthehackernews.com/2026/07/scmbanker-malware-uses-clickfix-lures.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.