- Security researchers found ClickFix attacks evolving to target other operating systems
- On Android and iOS, the attack is particularly worrying, because it turns into a drive-by attack
- The malware is already flagged by antivirus programs
ClickFix, a notorious hacking technique that tricks people into running malware while they think they are fixing a problem on their computer, has evolved, experts have warned.
New research by C/Side has revealed that what used to be an attack method for Windows can now also target macOS, iOS and Android devices.
In a blog post, the researchers analyzed the evolution and said that the new attack starts with a compromised website. The threat actors inject JavaScript code that sends users to a new browser tab when they click on certain elements on the page. The new tab then displays a page that looks like a legitimate URL, with a message to copy and paste a link into the browser, and this triggers another redirect, this time to a download page.
Getting the malicious payload
Here the technique varies, depending on the victim's operating system.
On macOS, the attack leads to a terminal command that fetches and runs a malicious shell script, already flagged by several antivirus programs.
On Android and iOS, things are even worse, because the attack no longer requires user interaction.
“When we tested this on Android and iOS, we expected a ClickFix variant. But instead we came across a drive-by attack,” the researchers explained.
“A drive-by attack is a type of cyber attack in which malicious code is executed or downloaded to a device, simply by visiting a compromised or malicious web page. No clicks, installations or interaction required.”
In this case, the site downloads a .tar archive file containing malware. This, too, was already flagged by at least five antivirus programs.
“This is a fascinating and evolving attack that demonstrates how attackers expand their reach,” C/Side explained. “What started as a Windows-specific ClickFix campaign is now aimed at macOS, Android and iOS, which considerably expands the scale of the operation.”