ctipilot.ch · Switzerland · Europe · Public sector

InstallFix — malvertising campaign distributing Amatera infostealer via fake AI tool install pages

campaign · campaign:installfix

  • Coverage timeline: 1 (first 2026-05-07 → last 2026-05-07)
  • Briefs: 1 (1 distinct)
  • Sources cited: 3 (3 hosts)
  • Sections touched: 1 (research)
  • Co-occurring entities: 0 (no co-occurrence)

Story timeline

  1. 2026-05-07: CTI Daily Brief — 2026-05-07
    research: First coverage. Active since March 2026; malvertised Google Ads for AI coding tool searches; Netherlands government sector explicitly targeted; polyglot ZIP/HTA delivery; AMSI bypass via RC4-decrypted strings.

Where this entity is cited

  • research: 1

Source distribution

  • malwarebytes.com: 1 (33%)
  • pushsecurity.com: 1 (33%)
  • trendmicro.com: 1 (33%)

Items in briefs about InstallFix — malvertising campaign distributing Amatera infostealer via fake AI tool install pages

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.