Tag

Clickfix

All articles tagged with #clickfix

technology25 days ago•6 min saved

MacSync Infostealer Lures Mac Users Through ClickFix Social-Engineering Campaigns

Three ClickFix campaigns have been found delivering the macOS infostealer MacSync by tricking users into pasting Terminal commands to download and run a shell script that fetches the payload and exfiltrates credentials, keychains, and seed phrases. The campaigns (Nov 2025 using OpenAI Atlas bait via Google ads; Dec 2025 via ChatGPT-related pages; Feb 2026 with a new variant) rely on social-engineering lures, malvertising, and trusted platforms to disguise malicious commands and payloads, with in-memory AppleScript execution to evade detection. Defenders are urged to patch hosting platforms (e.g., WordPress), monitor for ClickFix/trojan lures, and maintain zero-trust principles as attackers adapt tactics.

via The Hacker News|

#clickfix #cybersecurity #macos

technology1 month ago•4 min saved

DNS Channel Used to Deliver PowerShell Payload in ClickFix Attacks

A new ClickFix variant uses a DNS-based delivery channel: victims are prompted to run nslookup in the Run dialog, querying an attacker-controlled DNS server. The DNS response contains a PowerShell payload that, when executed, downloads a ZIP with a Python runtime and malware scripts, establishes persistence, and installs ModeloRAT. This marks the first known use of DNS for staging and delivering ClickFix payloads, enabling on-the-fly payload updates and blending with normal DNS traffic instead of relying on HTTP.

via BleepingComputer|

#clickfix #dns #modelorat

cybersecurity3 months ago•2 min saved

ErrTraffic: New $800 Service Automates Large-Scale ClickFix Cyberattacks

ErrTraffic is a new cybercrime platform that automates ClickFix attacks by creating fake browser glitches on compromised websites to trick users into downloading malware or executing malicious commands, with high success rates and customizable payloads targeting multiple operating systems, primarily sold on hacker forums for $800.

via BleepingComputer|

#clickfix #cybercrime #cybersecurity

security5 months ago•2 min saved

ClickFix Threat Evolves, Signaling New Wave of Malicious Copy-and-Paste Attacks

ClickFix is a sophisticated scam campaign targeting Windows and macOS users by exploiting trust in online travel bookings and using social engineering tactics, such as fake CAPTCHA prompts and device-adaptive payloads, to infect devices with malware like PureRAT. The attacks leverage native OS capabilities and often bypass security tools, making awareness and cautious behavior the best defenses, especially during holiday gatherings when family members may be less vigilant.

via Ars Technica|

#clickfix #cyberattack #endpoint-protection

cybersecurity9 months ago•4 min saved

FileFix and ClickFix Attacks Surge in 2025, ESET Reports

The article discusses a 517% rise in ClickFix social engineering attacks using fake CAPTCHA verifications, leading to various malware infections, and introduces a new method called FileFix that tricks users into executing malicious commands via file paths. It also highlights recent phishing campaigns exploiting domains, email lures, and legitimate platforms to steal personal information and control victims' devices.

via The Hacker News|

#clickfix #cyberattack #cybersecurity

technology9 months ago•2 min saved

Rising ClickFix Attacks and New Phishing Tactics Threaten PC Security in 2025

The ESET Threat Report H1 2025 highlights a dynamic threat landscape with the rise of ClickFix, a versatile attack vector, shifts in infostealer malware like SnakeStealer, a surge in Android adware and NFC-based fraud, and ongoing chaos in the ransomware scene, despite a drop in ransom payments.

via WeLiveSecurity|

#clickfix #cybersecurity #infostealers