New Phishing Kit Streamlines ClickFix Attacks

Venom Stealer is a commodity phishing/infostealer that integrates ClickFix social-engineering templates for Windows and macOS to trick users into running commands, installs a payload that harvests Chromium/Firefox credentials, cookies, history, autofill data and cryptocurrency wallets, uses a silent privilege escalation to extract decryption keys, and provides operators with an automated, continuous exfiltration pipeline sold via subscription and affiliate programs.