Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape

NetmanageIT OpenCTI - opencti.netmanageit.com


SUMMARY:

Proofpoint researchers have identified a surge in the ClickFix social engineering technique across the threat landscape. This technique uses dialogue boxes with fake error messages to trick users into copying, pasting, and running malicious content on their computers. Multiple threat actors are employing ClickFix through compromised websites, documents, HTML attachments, and malicious URLs. Recent campaigns have included GitHub security vulnerability notifications, Swiss e-commerce marketplace impersonations, fake software updates, and ChatGPT-themed malvertising. The technique has been observed delivering various malware, including AsyncRAT, Danabot, DarkGate, Lumma Stealer, and NetSupport. The popularity of ClickFix is attributed to its effectiveness in bypassing security protections by exploiting users' desire to be helpful and independent.

OPENCTI LABELS:

powershell, phishing, social engineering, xworm, darkgate, asyncrat, lumma stealer, brute ratel c4, danabot, latrodectus, clickfix, netsupport, malware delivery, lucky volunteer, recaptcha phish, threat landscape

