{"id":216694,"date":"2025-06-27T06:20:46","date_gmt":"2025-06-27T11:20:46","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/06\/new-filefix-method-emerges-as-a-threat-following-517-rise-in-clickfix-attacks"},"modified":"2025-06-27T06:20:46","modified_gmt":"2025-06-27T11:20:46","slug":"new-filefix-method-emerges-as-a-threat-following-517-rise-in-clickfix-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/06\/new-filefix-method-emerges-as-a-threat-following-517-rise-in-clickfix-attacks","title":{"rendered":"New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-filefix-method-emerges-as-a-threat-following-517-rise-in-clickfix-attacks2.jpg\"><\/a><\/p>\n<p>\u201cThe list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even custom malware from nation-state-aligned threat actors,\u201d Ji\u0159\u00ed Krop\u00e1\u010d, Director of Threat Prevention Labs at ESET, <a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/eset-threat-report-h1-2025\/\" rel=\"noopener\" target=\"_blank\">said<\/a>.<\/p>\n<p>ClickFix has <a href=\"https:\/\/thehackernews.com\/2025\/03\/microsoft-warns-of-clickfix-phishing.html\" rel=\"noopener\" target=\"_blank\">become<\/a> a <a href=\"https:\/\/thehackernews.com\/2025\/04\/state-sponsored-hackers-weaponize.html\" rel=\"noopener\" target=\"_blank\">widely popular<\/a> and <a href=\"https:\/\/thehackernews.com\/2025\/04\/ransomhub-went-dark-april-1-affiliates.html\" rel=\"noopener\" target=\"_blank\">deceptive method<\/a> that employs bogus error messages or CAPTCHA verification checks to entice victims into copying and pasting a malicious script into either the Windows Run dialog or the Apple macOS Terminal app, and running it.<\/p>\n<p>The Slovak cybersecurity company said the highest volume of ClickFix detections are concentrated around Japan, Peru, Poland, Spain, and Slovakia.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u201cThe list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even custom malware from nation-state-aligned threat actors,\u201d Ji\u0159\u00ed Krop\u00e1\u010d, Director of Threat Prevention Labs at ESET, said. ClickFix has become a widely popular and deceptive method that employs bogus error messages [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-216694","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=216694"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216694\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=216694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=216694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=216694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}