Malwarebytes Weekly Roundup (April 6‑12) Uncovers Multi‑Vector Threats: Fake Support Sites, Mac Malware, Router Spyware, and Hims & Hers Customer Data Breach
What Happened — Malwarebytes Labs published a weekly summary that highlights ten distinct incidents, ranging from credential‑stealing fake Windows support pages and a malicious “Claude” clone to a supply‑chain‑style Mac infection vector (ClickFix) and a Russian‑linked campaign targeting home‑office routers. The report also confirms a breach of the Hims & Hers support platform that exposed customer data.
Why It Matters for TPRM —
- Vendors across SaaS, consumer‑tech, and health‑care are being weaponised as phishing or malware delivery points.
- A confirmed data breach at a health‑service provider demonstrates the downstream risk of third‑party platform compromises.
- Router‑level espionage shows that even low‑complexity network assets can become persistent surveillance vectors.
Who Is Affected — Health‑life (Hims & Hers), technology/SaaS providers, small‑business router manufacturers, end‑users of consumer platforms (Amazon, Facebook, Meta).
Recommended Actions —
- Review contracts and security attestations for any third‑party support platforms (e.g., Hims & Hers, Amazon, Meta).
- Validate that vendors employ anti‑phishing controls, code‑signing, and regular malware scanning for web assets.
- Ensure router firmware is managed centrally and that remote‑access ports are hardened or disabled.
Technical Notes — Attack vectors include phishing‑laced fake support sites (malware dropper), a novel Mac infection chain via ClickFix, credential‑stealing malware delivered through Windows support impersonation, and router compromise via default credential exploitation. Data types leaked in the Hims & Hers breach include personal health information and contact details.
Source: Malwarebytes Labs – A week in security (April 6 – April 12)