216.73.217.80

ClickFix Scam Exposed! Protect Your Data Before It's Too Late

· Published 11/02/2025 11:54 · Modified 11/02/2025 14:34

Export JSON

Essential information

Published
11/02/2025 11:54
Modified
11/02/2025 14:34
Tags
2025-02-11 captcha clickfix credential-theft deepseek lumma stealer phishing social engineering vidar stealer
Related entities
7 observables, 18 techniques (mitre), 2 malware

Description

Cybercriminals are exploiting 's popularity to launch campaigns, tricking users into clicking fake links that steal credentials and install malware like Vidar and . These attacks impersonate 's branding to appear legitimate and bypass security measures. A malicious domain was discovered distributing malware via deceptive verification buttons. The campaign uses Cloudflare to mask its true nature and evade detection. The malware incorporates social media platforms for updates, support, and command-and-control functionality. Recommendations include user education, multi-factor authentication, email filtering, network segmentation, and regular software updates to mitigate the risks of attacks and protect against data theft and financial loss.

External references