TA584 Expands Operations with Tsundere Bot via ClickFix Social Engineering

TA584 Expands Operations with Tsundere Bot via ClickFix Social Engineering

First seen 29 Jan 2026, 22:04 UTC ProofpointBleepingcomputerCyberpressGbhackersCybersecuritynews 81% similarity 37.6

Article Content

Browse articles
ThreatCluster

The cybercriminal group TA584 has intensified its operations by deploying Tsundere Bot malware through ClickFix social engineering tactics. This initial access broker has significantly increased its campaign volume, tripling attacks from March to December 2025, targeting organizations worldwide.

ThreatCluster AI

Community

Browse all →