VERY IMPORTANT

A sophisticated FileFix attack campaign has been discovered, marking the first use of this technique beyond proof-of-concept. The attack employs a complex phishing infrastructure, including a multilingual site mimicking Facebook security. It uses steganography to conceal malicious code in images, with a multistage payload delivery system featuring layered obfuscation and evasion techniques. The final payload deploys a StealC infostealer targeting various applications and credentials. The campaign has evolved rapidly over two weeks, indicating a global targeting strategy with potential victims in multiple countries. This attack represents a significant advancement in *Fix attack sophistication, combining FileFix with advanced tradecraft to maximize both evasion and impact.