Amatera — InstallFix campaign infostealer targeting browser credentials and e-wallets
tool · tool:Amatera
Coverage timeline
1
first 2026-05-07 → last 2026-05-07
Briefs
1
1 distinct
Sources cited
3
3 hosts
Sections touched
1
research
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-05-07CTI Daily Brief — 2026-05-07
Where this entity is cited
- research1
Source distribution
- malwarebytes.com1 (33%)
- pushsecurity.com1 (33%)
- trendmicro.com1 (33%)
All cited sources (3)
- trendmicro.comprimaryinlineTrend Micro Research, 2026-05-05https://www.trendmicro.com/en_us/research/26/e/installfix-and-claude-code.html
- malwarebytes.cominlineMalwarebytes, 2026-03https://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers
- pushsecurity.cominlinePush Security, 2026-05https://pushsecurity.com/blog/installfix
Items in briefs about Amatera — InstallFix campaign infostealer targeting browser credentials and e-wallets
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.