
Bellerophon could never have imagined. The ChimeraWire trojan boosts website popularity by skillfully pretending to be human

ID: 60c104af-80af-524e-9370-5e297d45eab3

STIX ID: report--60c104af-80af-524e-9370-5e297d45eab3

Feed Name: Dr.Web News

Threat Score: 65/100

Date Published: 2025-12-08

Date Updated: 2026-04-27


Doctor Web analysts describe Trojan.ChimeraWire, a Windows clicker malware that uses chained downloaders, DLL search-order hijacking, UAC bypass and anti-debugging to install a stealthy Chrome-based automation environment. It receives AES-GCM encrypted tasks from its C2 over WebSocket to perform search-engine queries, open links and simulate human clicks, and it can leverage automated CAPTCHA-solving extensions. The report details two distinct infection chains, persistence via scheduled tasks/registry, IOCs, and MITRE ATT&CK mappings, and notes the potential for capabilities beyond click fraud (form submission, screenshots, data collection).
