COLDRIVER added ClickFix, using the BAITSWITCH downloader and the SIMPLEFIX PowerShell backdoor, with server-side selective delivery, to target strategically important individuals.
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
COLDRIVER deployed ClickFix-style attacks using the BAITSWITCH downloader to deliver the SIMPLEFIX PowerShell backdoor, establishing persistence and storing encrypted payloads in the Windows Registry.