Topic: clickfix technique
-
Cybercriminals Upgrade ClickFix with E-commerce Tricks
Cybercriminals are enhancing the ClickFix malware delivery method by using persuasive design elements like tutorial videos and countdown timers to rush users into executing harmful commands, making pages appear legitimate. The fraudulent pages dynamically adapt to the victim's operating system an...
-
ClickFix Phishing Kit Exposed by Cybersecurity Experts
Palo Alto Networks has identified the IUAM ClickFix Generator, a phishing toolkit that enables even novice cybercriminals to create convincing fake browser verification pages to deploy malware. The toolkit allows customization of phishing pages, detects the user's device and OS to tailor maliciou...
-
Fake macOS Help Sites Spread Shamos Infostealer via ClickFix
Cybercriminals are using deceptive help websites and malicious Google ads to trick macOS users into installing the Shamos infostealer malware via harmful Terminal commands. The malware employs the ClickFix social engineering technique to bypass security, collects sensitive data like credentials a...
-
TA585 Hackers Unleash Advanced New Attack Tools
TA585 is a sophisticated cybercriminal group known for its fully autonomous infrastructure, managing its own phishing campaigns, malware deployment, and hosting platforms without relying on external services. The group primarily distributes MonsterV2, a versatile malware suite that acts as a remo...
-
LummaStealer Surges Following CastleLoader Malware Campaigns
A major resurgence of LummaStealer malware is being driven by sophisticated social engineering campaigns that use a technique called ClickFix to deploy the CastleLoader. The attacks rely on CastleLoader, a highly obfuscated and modular malware loader that checks for security software and sandboxe...
-
FileFix Attack Evades Security with Cache Smuggling
A new FileFix social engineering attack uses cache smuggling to deliver malware undetected by disguising itself as a Fortinet VPN Compliance Checker and tricking users into executing hidden PowerShell commands. The attack involves copying a text string that secretly contains a script to search br...