MalwareMay 22, 2026
Users attempting to download open-source C++ IDE are hijacked via malicious CloudFront JS on-clic...
Users downloading a C++ IDE are hijacked and redirected to fake MEGA pages delivering RemusStealer.
Summary
Users attempting to download an open-source C++ IDE are being hijacked via a malicious CloudFront JS on-click event. This redirects them to fake MEGA-Transfer pages which deliver the RemusStealer malware.
Indicators of Compromise
- malware — RemusStealer
Entities
C++ IDE (product)CloudFront (technology)MEGA-Transfer (product)