Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

SilentPush warns of DriveSurge campaign using compromised websites to spread malware

The websites are being abused as part of an Initial Access Broker campaign.
腾讯网

ClickFix攻击活动通过虚假AI工具安装包传播MacSync信息窃取木马

研究人员发现三种不同的ClickFix攻击活动,正在将其作为传播载体来部署一款名为MacSync的macOS信息窃取木马。 Sophos安全研究人员Jagadeesh Chandraiah、Tonmoy Jitu、Dmitry Samosseiko和Matt Wixey表示:"与传统的基于漏洞利用的攻击不同,这种方法完全依赖于用户交互——通常 ...
新浪网

微软警告:黑客“ClickFix”钓鱼攻击激增,用户警觉性成关键防线

IT之家 10 月 18 日消息,微软现已发布《2025 数字防御报告(Digital Defense Report 2025)》,其中提到近年来“ClickFix”式攻击愈发流行。 微软指出,自 2024 年(去年)初起,基于 ClickFix 的攻击数量急剧上升。这种攻击通常以网页、邮件为载体,主要伪造一系列系统弹 ...
腾讯网

macOS系统遭ClickFix攻击,AppleScript窃取器盗取账户凭证与加密钱包

一场针对macOS用户的ClickFix攻击活动正在蔓延,攻击者通过基于AppleScript的信息窃取程序,从14款浏览器、16个加密货币钱包以及200余个浏览器扩展中批量收割用户凭证与活跃会话Cookie。 Netskope威胁实验室研究员Jan Michael Alcantara向媒体透露,该团队最早于上月发现这 ...
BGR

The NSA Warns You To Stop Using Your iPhone Or Android Device If This Happens

You are on your phone looking through websites. You click on one that you want to read more information on when a popup comes up. It says that you need to verify your identity before proceeding to the ...
Infosecurity-magazine.com

‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

Threat actors are ramping up the use of ‘ClickFix’ social engineering attacks, with this tactic likely proving highly effective for malware deployment. A new analysis by Proofpoint highlighted ...
Bleeping Computer

From ClickFix to MetaStealer: Dissecting Evolving Threat Actor Techniques

During the past fifteen business days, Huntress analysts have observed increased threat activity involving several notable techniques. One case involved a malicious AnyDesk installer, which initially ...
Dark Reading

Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks

North Korea's Lazarus threat is the latest cybercriminal group to adopt the increasingly popular "ClickFix" attack method in its ongoing campaign to target job seekers, in an effort to steal ...
Dark Reading

Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

ClickFix campaigns are gaining steam according to various security researchers, with recent campaigns spotted across the globe from a wide swath of cyberattackers. The increasingly popular tactic ...
来自MSN

I put Apple’s new macOS ClickFix warnings to the test and they actually worked — now I ...

Instead of waiting for you to download a bad app or a malicious file, hackers have spent the last two years tricking unsuspecting users into infecting their own computers with malware. Known as ...