CrashFix

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. The attacks were spotted earlier this month and delivered a new Python-based remote access tool called ModeloRAT that is deployed in corporate environments. The NexShield extension, which has been removed from the Chrome Web Store, was […]