Comment reconnaitre ClickFix and FakeUpdate attacks hijack thousands of legitimate sites to push malware?

En bref

Threat actor DriveSurge has compromised thousands of legitimate, high reputation websites and is silently redirecting visitors to malware payloads via two well known social engineering lures: ClickFix (fake verification pages that ask you...

Comment ca fonctionne

Signaux d'alerte

A popup or page claiming a CAPTCHA/verification failed and asking you to open Run, Terminal, or PowerShell and paste a command. A browser update prompt appearing while browsing a random website (real updates live in the browser's own settings menu). A downloaded "update" delivered as a ZIP with multiple DLLs and an .exe installer

Que faire

1Never paste commands from a webpage into Windows Run, cmd, PowerShell, or macOS Terminal. Update browsers only via the app'

Source

bleepingcomputer

Source verifiee par Mythos Forensic Team

https://www.bleepingcomputer.com/news/security/hackers-hijack-thousands-of-sites-for-clickfix-and-fakeupdate-attacks/

FAQ

ClickFix and FakeUpdate attacks hijack thousands of legitimate sites to push malware est une vraie arnaque ?

Oui. Traitez le message, l'appel ou la demande de paiement comme suspect jusqu'a verification via un canal officiel.

Quels sont les premiers signaux ?

A popup or page claiming a CAPTCHA/verification failed and asking you to open Run, Terminal, or PowerShell and paste a command. A browser update prompt appearing while browsing a random website (real updates live in the browser's own settings menu). A downloaded "update" delivered as a ZIP with multiple DLLs and an .exe installer

Que faire en premier ?

Never paste commands from a webpage into Windows Run, cmd, PowerShell, or macOS Terminal. Update browsers only via the app'

LegalAudit peut-il verifier mon cas ?

Oui. Lancez le chat gratuit et collez le message, le lien, l'expediteur ou les details de paiement.