A new version of popular social engineering tool ClickFix has been developed, potentially putting Windows users at risk.
A cybersecurity researcher who goes by the name mr. dox has developed a new version of ClickFix, a browser-based attack often disguised as captchas to trick victims into pressing a button which then copies a command to Windows Clipboard. From there, users are encouraged to paste the command into a prompt to ‘fix’ an issue.
The new tool, dubbed FileFix, allows cybercriminals to execute commands on the victim system through the File Explorer address bar in Windows,” - this new attack is a similar premise, but uses Windows File Explorer to create a ‘highly plausible scenario’.
Source: www.techradar.com
No comments:
Post a Comment