Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware.
Category: ClickFix
Breaking News, ClickFix, cyber crime, Europe, Global Security News, malware, Security
Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector
PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus BSoD pages using ClickFix-style lures that prompt them to apply “fixes.” The multi-stage attack ultimately…
ClickFix, cyber attack, Cybersecurity, Global Security News, malware, Security
New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords
Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords.
ClickFix, cyber attack, Cybersecurity, Global Security News, malware, Security
New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can stay safe.
ClickFix, Global Security News, malware, Security
CastleLoader Malware Now Uses Python Loader to Bypass Security
Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory.
ClickFix, cyber attack, Global Security News, malware, Scams and Fraud, Security
Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews
North Korea’s Lazarus Group uses the ClickFix scam in fake crypto job interviews to deploy malware, steal data,…
ClickFix, Global Security News, malware, Scams and Fraud, Security
Fake AnyDesk Installer Spreads MetaStealer Through ClickFix Scam
A new and clever ClickFix scam is using a fake AnyDesk installer and Windows search to bypass security,…
ClickFix, cyber attack, Global Security News, malware, Security
OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware
Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware.
ClickFix, cyber attack, Cybersecurity, Global Security News, Phishing Scam, Security
Microsoft Most Phished Brand in Q2 2025, Check Point
Microsoft was the most impersonated brand in phishing attacks during Q2 2025, accounting for 25% of all attempts, according to Check Point Research.
Breaking News, ClickFix, cyber crime, Cybercrime, Emerging Tech, Global Security News, malware
Interlock ransomware group deploys new PHP-based RAT via FileFix
Interlock ransomware group deploys new PHP-based RAT via FileFix (a ClickFix variant) in a widespread campaign targeting multiple industries. The Interlock ransomware group is deploying a new PHP-based variant of the Interlock RAT in a broad campaign. According to researchers from the DFIR Report, in partnership with Proofpoint, it uses a delivery method known as FileFix,…
ClickFix, cyber attack, Global Security News, malware, Security
ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware
Cofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…
ClickFix, data breach, Global Security News, Guest blog, Interlock, malware, Ransomware
Interlock ransomware: what you need to know
“We don’t just want payment; we want accountability.” The malicious hackers behind the Interlock ransomware try to justify their attacks. Learn more about what you need to know about Interlock in my article on the Tripwire State of Security blog.
ClickFix, Exploits, Facebook, Global Security News, Google Chrome, Microsoft Office, mshta.exe, Other, proofpoint, U.S. Department of Health and Human Services
ClickFix: How to Infect Your PC in Three Easy Steps
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. ClickFix attacks mimic the…