Microsoft Warns of ClickFix Campaign Exploiting Windows Terminal for Lumma Stealer Malware

Microsoft has warned of a ClickFix campaign in which attackers exploit Windows Terminal to deliver the Lumma Stealer malware through social engineering attacks. The campaign tricks users into executing malicious commands, enabling a multi-stage attack chain that ultimately deploys the malware. No specific dates, affected versions, or CVE IDs were disclosed in the report. The primary impact involves the theft of sensitive data via the Lumma Stealer, though further technical details on the attack vector remain limited. The threat underscores the growing risk of malware distribution through legitimate Windows utilities.