From Fake Amazon Security Alert to HarborWatch Agent: ClickFix Delivery of a Custom Monitoring RAT (opens in new tab)

The Cofense Phishing Defense Center has identified an Amazon-themed malware delivery campaign that abuses the ClickFix self-infection technique to deliver a custom monitoring RAT known as HarborWatch Agent. This campaign highlights a growing trend in the threat landscape where attackers are abusing trusted brands and fake verification to turn users into the mechanism of their own infection.