logo

ClickFix Now Cybercriminals' Favorite Malware Delivery Technique

ID: 56532bab-52db-5552-ae48-e1329cb57a4e

STIX ID: report--56532bab-52db-5552-ae48-e1329cb57a4e

Feed Name: Infosecurity Magazine (News)

Threat Score
72/100

Date Published: 2026-06-30

Date Updated: 2026-07-02

...
...

ReliaQuest analysis found that the ClickFix social-engineering technique became the dominant malware delivery method between March and May 2026 by tricking users into pasting attacker-supplied commands into Run/Terminal/Script Editor; this bypasses many defenses and has been used to deliver Windows and macOS malware (including Deepload and AMOS infostealer) to steal credentials, cookies, and crypto wallets. The report urges user training (do not paste commands), simulated exercises, and administrative controls (restrict run dialog/clipboard, block malicious sites, restrict execution) to mitigate the threat.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.