216.73.217.22

The long road to your crypto: ClipBanker and its marathon infection chain

· Published 09/04/2026 11:57 · Modified 09/04/2026 18:06

Export JSON

Essential information

Published
09/04/2026 11:57
Modified
09/04/2026 18:06
Source / Author
AlienVault
Confidence
100/100
Report type(s)
threat-report
Tags
2026-04-09
Related entities
6 indicators, 6 observables, 1 malware, 5 others

Description

Proxifiers are speciaized software designed to tunnel traffic for programs that do not natively support proxy servers. They are a go-to for making sure these apps are functional within secured development environments. By coincidence, Proxifier is also a name for a proprietary proxifier developed by VentoByte, which is distributed under a paid license. If you search for Proxifier (or a proxifier), one of the top results in popular search engines is a link to a GitHub repository. That’s exactly where the source of the primary infection lives.

Related entities

Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.

Indicators (6)

Observables (6)

  • chiaselinks.com
  • rlim.com
  • git.parat.swiss
  • pinhole.rootcode.ru
  • paste.kealper.com
  • fdae784b02b22916bf4bac1344b3e8e13f98996e3cd85f2daf171084983247e1

Malware (1)

  • ClipBanker
    Family
    Published 09/04/2026 09:57 · Modified 09/04/2026 09:57

Others (5)

  • chiaselinks.com
  • git.parat.swiss
  • paste.kealper.com
  • rlim.com
  • pinhole.rootcode.ru

External references