Home / Jul 19, 2026 / Story
0
#6 The Hacker News general July 17, 2026 at 08:56 UTC

ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

By [email protected] (The Hacker News)

AI Summary

ACR Stealer, an infostealer active since 2024, is being delivered via ClickFix lures that trick users into pasting malicious commands into the Windows Run dialog. Microsoft's Defender Experts team documented two delivery chains showing the malware exfiltrating saved browser passwords, live session tokens, PDFs, and Microsoft 365 documents including files synced from OneDrive and SharePoint.

Relevance score: 79.0/100

# More from July 19