MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks thehackernews.com/2025/01/m…

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC.

“MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file,” cybersecurity firm eSentire said in an analysis.

The campaign has targeted electricity, oil and gas, and the legal services sectors in the United States and Europe, per the company, which detected the activity in early January 2025.

The development comes amid a spike in malicious campaigns that are abusing fake CAPTCHA verification prompts to trick users into copying and executing PowerShell scripts to get around the checks, a technique that has come to be known ClickFix and KongTuke