ClickFix Now Cybercriminals' Favorite Malware Delivery Technique
ID: 56532bab-52db-5552-ae48-e1329cb57a4e
STIX ID: report--56532bab-52db-5552-ae48-e1329cb57a4e
Feed Name: Infosecurity Magazine (News)
ReliaQuest analysis found that the ClickFix social-engineering technique became the dominant malware delivery method between March and May 2026 by tricking users into pasting attacker-supplied commands into Run/Terminal/Script Editor; this bypasses many defenses and has been used to deliver Windows and macOS malware (including Deepload and AMOS infostealer) to steal credentials, cookies, and crypto wallets. The report urges user training (do not paste commands), simulated exercises, and administrative controls (restrict run dialog/clipboard, block malicious sites, restrict execution) to mitigate the threat.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
