New "ClickFix" Malware Deployment Method Now Widely Used
OtherArcticWolfbooking.comClickFixFacebookGoogleChromeMicrosoftOfficeMicrosoftWindowsmshta.exeproofpointU.S.DepartmentofHealthandHumanServices
This content is an AI-generated summary. If you encounter any misinformation or problematic content, please report it to cyb.hub@proton.me.
A new malware deployment method called "ClickFix," initially spotted in targeted attacks last year, is now being used more broadly. This scam asks visitors to compromised or malicious websites to distinguish themselves from bots by pressing a combination of keyboard keys, which leads to the download of password-stealing malware on Microsoft Windows. Technical details include the use of mshta.exe to execute the malware. This method, previously seen in targeted attacks, is now being used more widely, increasing the risk for users.