The ClickFix social engineering technique has gained popularity among threat actors, targeting thousands of devices globally. It tricks users into executing malicious commands on their devices by exploiting their tendency to solve minor technical issues. The technique often impersonates legitimate brands and combines with delivery vectors like phishing and malvertising. ClickFix campaigns typically lead users to a visual lure, such as a landing page, instructing them to run commands in the Windows Run dialog. This user interaction element helps bypass conventional security solutions. Various malware, including infostealers and remote access tools, are delivered through ClickFix attacks. The technique has evolved to target macOS users and is being sold as part of malware kits on hacker forums. Author: AlienVault
Related Tags:
Atomic macOS Stealer (AMOS)
Lampion
MintsLoader
LATRODECTUS
T1569.002
T1053.005
Switzerland
France
Obfuscation
Associated Indicators:
592EF7705B9B91E37653F9D376B5492B08B2E033888ED54A0FD08AB043114718
061D378FFED42913D537DA177DE5321C67178E27E26FCA9337E472384D2798C8
D9FFE7D433D715A2BF9A31168656E965B893535AB2E2D9CAB81D99F0CE0D10C9
8FB329AE6B590C545C242F0BEF98191965F7AFED42352A0C84CA3CCC63F68629
http://guildmerger.co/verify/eminem
http://applemacios.com/vv/install.sh
http://applemacios.com/vv/update
185.234.72.186
83.242.96.159