home

Analysis of remcos rat deployed in italy with a gls-themed clickfix campaign

Intel Name: Analysis of remcos rat deployed in italy with a gls-themed clickfix campaign

Date of Scan: November 12, 2025

Impact: Medium

Summary:
A GLS-themed ClickFix social-engineering campaign in Italy delivered the Remcos RAT by tricking users into manually running malicious commands. ClickFix campaigns have risen over the past year because manual execution helps attackers evade AV, sandbox, and EDR detection. Italy saw its first ClickFix-style activity in January (Lumma Stealer) and, while several attempts have occurred since, no large-scale targeted campaigns have been observed domestically—contrasting with wider international activity. ClickFix represents an evolution of social engineering that exploits human interaction rather than software vulnerabilities.

More Details