Security researchers have identified a new malware campaign distributing a previously undocumented loader called DeepLoad. The malware uses ClickFix social engineering tactics to trick users into executing malicious code, representing an evolution in credential theft techniques.
DeepLoad appears to use AI-assisted obfuscation to evade static scanning. It also uses Windows Management Instrumentation (WMI) for persistence, which lets it remain on infected systems even after initial detection attempts.
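A host-side check for the WMI persistence described above, as an added example that is not code from the researchers' report. It assumes the persistence is registered as a permanent event subscription in the `root\subscription` namespace, which the summary does not confirm; the variable names and report columns are illustrative.

```powershell
# Added example: inventory WMI permanent event subscriptions for review.
# Assumption: persistence lives in root\subscription (the page does not
# name the exact mechanism DeepLoad uses). Run from an elevated session.
$ns = 'root/subscription'

# Index event filters (the trigger queries) by name.
$filters = @{}
Get-CimInstance -Namespace $ns -ClassName __EventFilter |
    ForEach-Object { $filters[$_.Name] = $_ }

# Index the two built-in consumer classes that can execute code.
$codeConsumers = 'CommandLineEventConsumer', 'ActiveScriptEventConsumer'
$consumers = @{}
foreach ($class in $codeConsumers) {
    Get-CimInstance -Namespace $ns -ClassName $class |
        ForEach-Object { $consumers['{0}:{1}' -f $class, $_.Name] = $_ }
}

# A subscription is only live once a binding ties a filter to a consumer,
# so walk the bindings and resolve both ends.
$report = foreach ($b in Get-CimInstance -Namespace $ns -ClassName __FilterToConsumerBinding) {
    $cClass = $b.Consumer.CimSystemProperties.ClassName
    $c = $consumers['{0}:{1}' -f $cClass, $b.Consumer.Name]
    $f = $filters[$b.Filter.Name]
    [pscustomobject]@{
        Filter       = $b.Filter.Name
        Query        = $f.Query
        ConsumerType = $cClass
        Consumer     = $b.Consumer.Name
        # What the consumer runs: command line, executable, or script body.
        Action       = if ($c) {
            ($c.CommandLineTemplate, $c.ExecutablePath,
             $c.ScriptFileName, $c.ScriptText | Where-Object { $_ }) -join ' | '
        }
        RunsCode     = $cClass -in $codeConsumers
    }
}

# Code-executing bindings first. A stock Windows install normally shows only
# the "SCM Event Log" NTEventLogEventConsumer binding, which does not run code.
$report | Sort-Object RunsCode -Descending | Format-List
```

Any binding with `RunsCode` set to `True` that does not trace back to known management software warrants a closer look at its `Query` and `Action` values.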