‘ClickFix’ hackers pose as VCs, hijack QuickLens in latest crypto attacks
The ClickFix technique gained popularity among crypto hackers last year, but security researchers have been tracking it since 2024, with targets spanning several industries.
Crypto hackers attempting to use “ClickFix” attacks to steal crypto have now turned to impersonating venture capital firms and hijacking browser extensions in their two most recent attacks.
According to a report by cybersecurity firm Moonlock Lab on Monday, scammers are using fake venture capital firms such as SolidBit, MegaBit and Lumax Capital. The hackers are using the firms to contact users via LinkedIn with partnership offers, then funneling them to fake Zoom and Google Meet links.
When a target clicks the fraudulent link, they are taken to an event page featuring a fake Cloudflare “I’m not a robot” checkbox. Clicking it copies a malicious command to the clipboard and prompts the user to open their computer’s terminal and paste the so-called verification code, which executes the attack.
Source: Cointelegraph →Related News
- 51 minutes ago
‘We are so close this time‘ — Senator Lummis on market structure bill
- 1 hour ago
Bhutan offloads an additional $72.3M Bitcoin amid market downturn
- 3 hours ago
Japan’s SBI VC Trade launches retail USDC lending as stablecoin use grows
- 3 hours ago
Circle’s policy chief tells UK to merge MiCA clarity with US stablecoin rules
- 3 hours ago
74% of institutions expect crypto prices to rise in 12 months: Survey