Devious new ClickFix malware variant targets macOS, Android, and iOS using browser-based redirections

Security researchers found ClickFix attacks evolving to target other operating systems
On Android and iOS, the attack is particularly worrisome, as it transforms into a drive-by attack
The malware is already being flagged by antivirus programs

ClickFix, an infamous hacking technique that tricks people into running malware thinking they’re fixing a problem on their computer, has evolved, experts have warned.

New research from c/side has revealed what used to be a Windows-only attack method is now capable of targeting macOS, iOS and Android devices, as well.

In a blog post analyzing the evolution, the researchers said the new attack starts with a compromised website. The threat actors would inject JavaScript code which redirected users to a new browser tab when they clicked on certain elements on the page. The new tab then displays a page that looks like a legitimate URL shortener, with a message to copy and paste a link into the browser – and doing so triggers yet another redirect, this time to a download page.

Fetching the malicious payload

Here is where the technique diverges, depending on the operating system of the victim.

On macOS, the attack leads to a terminal command that fetches and executes a malicious shell script, already flagged by multiple antivirus programs.

On Android and iOS, things are even worse, since the attack no longer requires any user interaction.

“When we tested this on Android and iOS, we expected a ClickFix variant. But instead, we encountered a drive-by attack,” the researchers explained.

“A drive-by attack is a type of cyberattack where malicious code is executed or downloaded onto a device simply by visiting a compromised or malicious webpage. No clicks, installs, or interaction required.”

In this case, the site downloads a .TAR archive file, holding malware. This one, too, was flagged by at least five antivirus programs already.

“This is a fascinating and evolving attack that demonstrates how attackers are expanding their reach,” c/side explained. “What started as a Windows-specific ClickFix campaign is now targeting macOS, Android, and iOS, significantly expanding the scale of the operation.”

https://cdn.mos.cms.futurecdn.net/S2k99RTyJJhGbDwQRHUsyg.jpg

Source link

Walmart has a massive fall clearance sale – TVs, Christmas decor, vacuums and more

Google Messages is doubling down on scam prevention with two new safety measures – this is how you can keep your inbox clean

Microsoft reveals plan to ‘make every Windows 11 PC an AI PC’ with new voice input, Copilot Vision and supercharged AI powers

Minecraft’s iconic Creeper might not be added to the game if it was made today says Mojang CEO – ‘It would actually be so...

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

Enterprise Products Partners' SWOT analysis: midstream giant's stock resilience tested

JetBlue's SWOT analysis: airline stock faces turbulence amid strategic shifts

Minnesota lawmaker killed on Saturday served with compassion, governor says

Minnesota shooting suspect told friend in text message: I might be dead soon

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Devious new ClickFix malware variant targets macOS, Android, and iOS using browser-based redirections

Walmart has a massive fall clearance sale – TVs, Christmas decor, vacuums and more

Google Messages is doubling down on scam prevention with two new safety measures – this is how you can keep your inbox clean

Microsoft reveals plan to ‘make every Windows 11 PC an AI PC’ with new voice input, Copilot Vision and supercharged AI powers

Minecraft’s iconic Creeper might not be added to the game if it was made today says Mojang CEO – ‘It would actually be so...