Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office.

New research shows the malicious commands behind its fake “prove you’re human” pages are now handed out by API-driven servers that give each visitor the same malware in a different disguise. The same research also turned up a new delivery method built to slip past Windows’ script scanning.

Source: The Hacker News
