← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Actors Using Paste-Jacking to Achieve Remote Code Execution
WHITE Evil_corp PetrP.73 2025-11-12 Modified: 2025-12-12
4
IOCs
LOW VOLUME
In 2025, a phishing technique known as paste-jacking has emerged, highlighting a new avenue for threat actors to gain remote code execution on victim machines. This technique manipulates users into unwittingly executing malicious code, allowing attackers to execute commands on the compromised system. The rise of paste-jacking indicates a shift in the strategies employed by cybercriminals, capitalizing on user interaction as a vulnerability in cybersecurity defenses.
ctrlwindowstruesecverifycheckjavascript hookwinkeyverificationnetworkerrorstealerraspberry robinrecaptchaverification iduseb httpfix internet
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (4)
All URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://185.149.146.164/trwsfg.ps1 2025-11-12
URL http://80.64.30.238/evix.xll 2025-11-12
URL https://captha-secure.com/capcha.html 2025-11-12
domain captha-secure.com 2025-11-12
References (1)
↗ https://www.truesec.com/hub/blog/threat-actors-paste-jacking-remote-code-execution