Threats Tagged 'hidden desktop'
View all threats tagged with 'hidden desktop'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'hidden desktop'
Click on any threat for detailed analysis and mitigation recommendations
Potemkin Loader & RMMProject The Anatomy of a ClickFix Attack 0 This threat describes a multi-stage malware intrusion initiated by a ClickFix social engineering attack on an unmonitored endpoint. The attack chain begins with a malicious HTA payload that installs Potemkin, a custom loader using a deterministic domain generation algorithm (DGA). Potemkin delivers RMMProject, a Lua-scriptable remote access trojan (RAT) capable of browser credential theft, hidden desktop control, and multiple task types. The attacker also deploys EtherRAT, a Node.js backdoor using Ethereum blockchain for command and control (C2) resolution, and establishes a Cloudflare tunnel for persistence. The attacker actively disables Windows Defender and uses lateral movement techniques such as WMIExec and SMBExec to spread malware and reach the domain controller. Join the discussion | AlienVault OTX General | 06/16/2026, 14:27:51 UTC Added: 06/16/2026, 17:30:50 UTC |
Showing 1 to 1 of 1 result