toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Administered by:

Server stats:

198
active users

#clickfix

2 posts2 participants0 posts today
ESET Research<p><a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> went from virtually non-existent to the second most common attack vector blocked by <a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESET</span></a>, surpassed only by <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a>. This novel social engineering technique accounted for nearly 8% of all detections in H1 2025. <a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETresearch</span></a><br>ClickFix lures users by displaying bogus error messages followed by quick fix instructions, including copy-pasting malicious code. Running the code in the victim’s command line interpreter delivers malware such as <a href="https://infosec.exchange/tags/RATs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RATs</span></a>, infostealers, and cryptominers.<br>Between H2 2024 and H1 2025, ESET’s detection for ClickFix, HTML/FakeCaptcha, skyrocketed by 517%. Most detections in ESET telemetry were reported from Japan (23%), Peru (6%), and Poland, Spain, and Slovakia (&gt;5% each).<br>What makes <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> so effective? The fake error message looks convincing; instructions are simple, yet the copied command is too technical for most users to understand. Pasting it into cmd leads to compromise with final payloads, including <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DarkGate</span></a> or <a href="https://infosec.exchange/tags/LummaStealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LummaStealer</span></a>. <br>While <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> was introduced by cybercriminals, it’s since been adopted by APT groups: Kimsuky, Lazarus; Callisto, Sednit; MuddyWater; APT36. NK-aligned actors used it to target developers, steal crypto and passwords from Metamask and <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macOS</span></a> Keychain. <br><a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> uses psychological manipulation by presenting fake issues and offering quick solutions, which makes it dangerously efficient. It appears in many forms – error popups, email attachments, fake reCAPTCHAs – highlighting the need for greater vigilance online.<br>Read more in the <a href="https://infosec.exchange/tags/ESETThreatReport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETThreatReport</span></a>:<br>🔗 <a href="https://welivesecurity.com/en/eset-research/eset-threat-report-h1-2025" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/eset-threat-report-h1-2025</span></a></p>
Randy<p><span class="h-card" translate="no"><a href="https://abyssdomain.expert/@filippo" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>filippo</span></a></span> the copy/paste technique is called <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> . the site in the image is infected by TA2726's Keitaro which is well known for sending Windows folks to <a href="https://infosec.exchange/tags/SocGholish" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocGholish</span></a> . what they do with macOS folks has changed over the years. i see they sent you to something that delivered what looks like Poseidon Stealer.</p><p><a href="https://medium.com/@MateoPappa/letsdefend-poseidon-macos-stealer-hard-a796c85d8c72" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@MateoPappa/letsdef</span><span class="invisible">end-poseidon-macos-stealer-hard-a796c85d8c72</span></a></p>
Brad<p>2025-07-15 (Tuesday): Tracking <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SmartApeSG</span></a> </p><p>The SmartApeSG script injected into page from compromised website leads to <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> style fake verification page. ClickFix-ing you way through this leads to a <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupportRAT</span></a> infection.</p><p>Compromised site (same as yesterday): </p><p>- medthermography[.]com</p><p>URLs for ClickFix style fake verification page:</p><p>- warpdrive[.]top/jjj/include.js<br>- warpdrive[.]top/jjj/index.php?W11WzmLj<br>- warpdrive[.]top/jjj/buffer.js?409a8bdbd9</p><p>Running the script for NetSupport RAT:</p><p>- sos-atlanta[.]com/lal.ps1<br>- sos-atlanta[.]com/lotu.zip?l=4773</p><p><a href="https://infosec.exchange/tags/NetSupport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupport</span></a> RAT server (same as yesterday):</p><p>- 185.163.45[.]87:443</p>
Brad<p>2025-07-14 (Monday): <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SmartApeSG</span></a> script injected into page from compromised website leads to <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> style fake verification page. ClickFix-ing you way through this leads to a <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupportRAT</span></a> infection.</p><p>Compromised site: </p><p>- medthermography[.]com</p><p>URLs for ClickFix style fake verification page:</p><p>- lebensversicherungvergleich[.]top/jjj/include.js<br>- lebensversicherungvergleich[.]top/jjj/index.php?OtKXgPVX<br>- lebensversicherungvergleich[.]top/jjj/buffer.js?4261984971</p><p>Running the script for NetSupport RAT:</p><p>- affordableasphalt-paving[.]com/lal.ps1<br>- affordableasphalt-paving[.]com/lotu.zip?l=3526</p><p><a href="https://infosec.exchange/tags/NetSupport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupport</span></a> RAT server:</p><p>- 185.163.45[.]87:443</p>
Brad<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@badsamurai" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>badsamurai</span></a></span> That's basically my point. <a href="https://infosec.exchange/tags/FileFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileFix</span></a> is just <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> by another name. Trying to separate the two doesn't make sense to me.</p><p>Definitely agree that your mitigation is a good way to help combat this.</p>
Brad<p><a href="https://infosec.exchange/tags/Example" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Example</span></a> 3: <a href="https://infosec.exchange/tags/TermFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TermFix</span></a> </p><p>I rarely see this, and I haven't yet personally documented it. So I found an image from a Google search to illustrate.</p><p>This example is from a <a href="https://infosec.exchange/tags/TermFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TermFix</span></a> style <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> popup asking the viewer to open a PowerShell terminal.</p>
Brad<p>Example 2: <a href="https://infosec.exchange/tags/FileFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileFix</span></a> </p><p>As of 2025-07-03, the <a href="https://infosec.exchange/tags/KongTuke" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KongTuke</span></a> campaign is using FileFix style <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> pages to distribute whatever this campaign is distributing. </p><p>It's likely pushing <a href="https://infosec.exchange/tags/InterlockRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InterlockRAT</span></a> based on previous discussions I've had here, but I couldn't confirm, because it didn't like me.</p>
Brad<p>Example 1: <a href="https://infosec.exchange/tags/RunFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RunFix</span></a></p><p>As of 2025-07-03, the <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SmartApeSG</span></a> campaign is using RunFix style <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> pages to distribute <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupportRAT</span></a></p>
Brad<p><a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> is a social engineering technique that uses fake verification pages and clipboard hijacking to convince people to click and keyboard stroke their way to an infection. So let's categorize <a href="https://infosec.exchange/tags/FileFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileFix</span></a> properly in the pantheon of ClickFix Attacks.</p><p>FileFix: A ClickFix page that asks you to past script into a File Manager window.</p><p><a href="https://infosec.exchange/tags/RunFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RunFix</span></a>: A ClickFix page that asks you to paste script into a Run window</p><p><a href="https://infosec.exchange/tags/TermFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TermFix</span></a>: A ClickFix page that asks you to paste script into a terminal window (cmd.exe console or PowerShell terminal).</p><p>We cool with that? Any others types I'm missing?</p>
Bill<p>Are we still on about the MotW flaws? I'm not sure anyone pays attention to that anyway.</p><p><a href="https://www.darkreading.com/endpoint-security/clickfix-spin-off-bypassing-key-browser-safeguards" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/endpoint-secur</span><span class="invisible">ity/clickfix-spin-off-bypassing-key-browser-safeguards</span></a></p><p><a href="https://infosec.exchange/tags/clickfix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clickfix</span></a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a></p>
Brad<p>2025-06-27 (Friday): <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SmartApeSG</span></a> infection chain leading to <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> lure leading to <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupportRAT</span></a></p><p>URL sequence leading to ClickFix:</p><p>- palcomp3[.]top/sss/buf.js<br>- palcomp3[.]top/sss/index.php?GQX1KqUM<br>- palcomp3[.]top/sss/bof.js?19ec2a189848bc0bfa</p><p>URL sequence after running ClickFix script:</p><p>- camplively[.]com/all.php<br>- camplively[.]com/smks.zip?lap=3928</p><p>SHA256 hash for smks.zip archive containing NetSupport RAT package:</p><p>3be246afee53241eaa9c1f74d6720cc5d1004846ded378bd4b1040064b5631c5</p><p>NetSupportRAT C2: 185.163.45[.]30:443</p><p>cc: <span class="h-card" translate="no"><a href="https://infosec.exchange/@monitorsg" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monitorsg</span></a></span></p>
ESET Research<p>ESET Threat Report H1 2025: <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> attacks surge 500%, SnakeStealer tops infostealer charts, and NFC fraud jumps 35x. Plus, chaos in the ransomware underworld and a new Android adware menace—Kaleidoscope. Dive into the full report: <a href="https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-threat-report-h12025.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web-assets.esetstatic.com/wls/</span><span class="invisible">en/papers/threat-reports/eset-threat-report-h12025.pdf</span></a> <a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETresearch</span></a></p>
The New Oil<p>New <a href="https://mastodon.thenewoil.org/tags/FileFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileFix</span></a> attack weaponizes <a href="https://mastodon.thenewoil.org/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://mastodon.thenewoil.org/tags/FileExplorer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileExplorer</span></a> for stealthy commands</p><p><a href="https://www.bleepingcomputer.com/news/security/filefix-attack-weaponizes-windows-file-explorer-for-stealthy-powershell-commands/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/filefix-attack-weaponizes-windows-file-explorer-for-stealthy-powershell-commands/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a></p>
Brad<p>2025-06-18 (Wednesday): <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SmartApeSG</span></a> --&gt; <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> lure --&gt; <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupportRAT</span></a> --&gt; <a href="https://infosec.exchange/tags/StealCv2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StealCv2</span></a></p><p>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> of the traffic, the malware/artifacts, and some IOCs are available at <a href="https://www.malware-traffic-analysis.net/2025/06/18/index.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">malware-traffic-analysis.net/2</span><span class="invisible">025/06/18/index.html</span></a>.</p><p>Today's the 12th anniversary of my first blog post on malware-traffic-analysis.net, so I made this post a bit more old school.</p>
ITSEC News<p>Interlock ransomware: what you need to know - "We don’t just want payment; we want accountability." The malicious hackers behind the I... <a href="https://www.tripwire.com/state-of-security/interlock-ransomware-what-you-need-know" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tripwire.com/state-of-security</span><span class="invisible">/interlock-ransomware-what-you-need-know</span></a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://schleuss.online/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://schleuss.online/tags/guestblog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>guestblog</span></a> <a href="https://schleuss.online/tags/interlock" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>interlock</span></a> <a href="https://schleuss.online/tags/clickfix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clickfix</span></a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>
Graham Cluley<p>"We don’t just want payment; we want accountability." The malicious hackers behind the Interlock ransomware try to justify their attacks.</p><p>Learn more about what you need to know about Interlock in my article on the Tripwire blog.</p><p><a href="https://www.tripwire.com/state-of-security/interlock-ransomware-what-you-need-know" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tripwire.com/state-of-security</span><span class="invisible">/interlock-ransomware-what-you-need-know</span></a></p><p><a href="https://mastodon.green/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.green/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://mastodon.green/tags/clickfix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clickfix</span></a></p>
ccinfo.nl<p>TikTok staat bekend als platform voor creatieve content maar wordt nu ook gebruikt als lokaas voor cybercriminelen. <br>Podcast Youtube: <a href="https://youtu.be/cPADO5G5kJ0?si=7n-L01IBSzdX67DL" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/cPADO5G5kJ0?si=7n-L01</span><span class="invisible">IBSzdX67DL</span></a></p><p>Podcast Spotify: <a href="https://open.spotify.com/episode/2ZcrbUvXIOfBpPuaq7VQt7?si=61ccef7960ac43c7" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">open.spotify.com/episode/2Zcrb</span><span class="invisible">UvXIOfBpPuaq7VQt7?si=61ccef7960ac43c7</span></a></p><p>Artikel Cybercrimeinfo: <a href="https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/malware/2527960_hoe-tiktok-verandert-in-een-digitale-valstrik-infostealer-malware-via-virale-video-s" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ccinfo.nl/menu-onderwijs-ontwi</span><span class="invisible">kkeling/cybercrime/malware/2527960_hoe-tiktok-verandert-in-een-digitale-valstrik-infostealer-malware-via-virale-video-s</span></a></p><p><a href="https://mastodon.social/tags/TikTok" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TikTok</span></a> <a href="https://mastodon.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://mastodon.social/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.social/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> <a href="https://mastodon.social/tags/infostealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealer</span></a> <a href="https://mastodon.social/tags/socialengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>socialengineering</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/digitaleveiligheid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>digitaleveiligheid</span></a> <a href="https://mastodon.social/tags/PowerShell" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PowerShell</span></a> <a href="https://mastodon.social/tags/StealC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StealC</span></a> <a href="https://mastodon.social/tags/Vidar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vidar</span></a> <a href="https://mastodon.social/tags/jongerenonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jongerenonline</span></a> <a href="https://mastodon.social/tags/cyberdreiging" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberdreiging</span></a> <a href="https://mastodon.social/tags/cyberbewustzijn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberbewustzijn</span></a> <a href="https://mastodon.social/tags/darkweb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>darkweb</span></a> <a href="https://mastodon.social/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://mastodon.social/tags/gratissoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gratissoftware</span></a> <a href="https://mastodon.social/tags/cyberaanval" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberaanval</span></a> <a href="https://mastodon.social/tags/digitalevalstrik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>digitalevalstrik</span></a></p>
Pyrzout :vm:<p>Fake software activation videos on TikTok spread Vidar, StealC – Source: securityaffairs.com <a href="https://ciso2ciso.com/fake-software-activation-videos-on-tiktok-spread-vidar-stealc-source-securityaffairs-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/fake-software-ac</span><span class="invisible">tivation-videos-on-tiktok-spread-vidar-stealc-source-securityaffairs-com/</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>informationsecuritynews</span></a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITInformationSecurity</span></a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAffairscom</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PierluigiPaganini</span></a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAffairs</span></a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAffairs</span></a> <a href="https://social.skynetcloud.site/tags/Stealcstealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Stealcstealer</span></a> <a href="https://social.skynetcloud.site/tags/BreakingNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BreakingNews</span></a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/hackingnews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackingnews</span></a> <a href="https://social.skynetcloud.site/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberCrime</span></a> <a href="https://social.skynetcloud.site/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybercrime</span></a> <a href="https://social.skynetcloud.site/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/TikTok" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TikTok</span></a> <a href="https://social.skynetcloud.site/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a></p>
sekurak News<p>Infostealery rozprzestrzeniają się przez TikTok i technikę ClickFix – szczegóły techniczne kampanii</p><p>W ostatnich tygodniach badacze bezpieczeństwa zaobserwowali nietypową, skuteczną kampanię malware, w której cyberprzestępcy wykorzystują popularność TikToka do dystrybucji złośliwego oprogramowania typu infostealer (m.in. Vidar, StealC, Latrodectus). Atak opiera się na tzw. technice ClickFix, polegającej na nakłanianiu użytkowników do samodzielnego uruchamiania złośliwych poleceń PowerShell. Poniżej przedstawiamy szczegółową analizę tej kampanii oraz...</p><p><a href="https://mastodon.com.pl/tags/WBiegu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WBiegu</span></a> <a href="https://mastodon.com.pl/tags/Clickfix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Clickfix</span></a> <a href="https://mastodon.com.pl/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mastodon.com.pl/tags/Rejestr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rejestr</span></a> <a href="https://mastodon.com.pl/tags/Sideloading" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sideloading</span></a> <a href="https://mastodon.com.pl/tags/Tiktok" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tiktok</span></a></p><p><a href="https://sekurak.pl/infostealery-rozprzestrzeniaja-sie-przez-tiktok-i-technike-clickfix-szczegoly-techniczne-kampanii/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">sekurak.pl/infostealery-rozprz</span><span class="invisible">estrzeniaja-sie-przez-tiktok-i-technike-clickfix-szczegoly-techniczne-kampanii/</span></a></p>
Herr Dennis 🖖🙂<p>Ich weiß ja nicht, wo ihr euch so herumtreibt, aber das könnte eventuell wichtig sein.</p><p><a href="https://winfuture.de/news,151149.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">winfuture.de/news,151149.html</span><span class="invisible"></span></a></p><p><a href="https://norden.social/tags/ClickFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClickFix</span></a> <a href="https://norden.social/tags/TikTok" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TikTok</span></a> <a href="https://norden.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a></p>