A new malware campaign has been discovered, leveraging fake Google Meet links to distribute information-stealing malware (“infostealers”). Attackers simulate connectivity failures during Google Meet meetings, prompting users to download malware on both Windows and macOS systems. This tactic is part of the campaign “ClickFix”, that uses social engineering to trick users into believing that they are solving a technical problem, when they're actually compromising their devices.
The malware distributed in these attacks includes “infostealers” that collect sensitive information such as passwords, cookies and other personal data stored on infected systems. Although the method requires user interaction to be effective, The attackers present the problem and the solution in a way that seems credible, making it easier for less cautious users to fall for the trap.
In addition to fake Google Meet errors, Other related forms of attack have been reported, as fake Google Chrome updates and other programs, who follow the same line of infection. Attackers take advantage of users' lack of knowledge about the dangers of running PowerShell commands on Windows, which facilitates the installation of these malwares.
This type of attack highlights the growing sophistication of cybercriminals and their ability to exploit popular platforms such as Google Meet, using psychological manipulation techniques. Campaigns of this type underscore the importance of cybersecurity and not downloading or running files from unverified sources.
Fountain: Bleeping Computer