Feeds.Feedburner
TELEPUZ Malware Emerges, Spreading via ClickFix Lures to Steal Data
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A new modular malware named TELEPUZ has been detected spreading since late April 2026. It uses ClickFix lures to trick users into executing malicious commands. The malware is lightweight and modular, likely developed by a small team and may be offered as malware-as-a-service. TELEPUZ employs obfuscation techniques to evade detection and disables security monitoring features. It performs anti-virtual machine checks and crashes debuggers before connecting to its command-and-control (C2) server. The C2 server can be accessed through various encrypted methods, including Telegram and blockchain smart contracts. Once connected, TELEPUZ can execute commands, log keystrokes, and extract cookies from browsers. Compromised websites in Brazil and India have been identified as hosting the malware.
Key Points: • TELEPUZ malware spreads via ClickFix lures, targeting unsuspecting users. • It employs advanced evasion techniques to disable security measures. • The C2 server utilizes multiple encrypted communication methods.