The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures.
“LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker,” the Google Threat
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
