BradJul 3

#ClickFix is a social engineering technique that uses fake verification pages and clipboard hijacking to convince people to click and keyboard stroke their way to an infection. So let's categorize #FileFix properly in the pantheon of ClickFix Attacks.

FileFix: A ClickFix page that asks you to past script into a File Manager window.

#RunFix: A ClickFix page that asks you to paste script into a Run window

#TermFix: A ClickFix page that asks you to paste script into a terminal window (cmd.exe console or PowerShell terminal).

We cool with that? Any others types I'm missing?

Show threadBrad

Example 2: #FileFix

As of 2025-07-03, the #KongTuke campaign is using FileFix style #ClickFix pages to distribute whatever this campaign is distributing.

It's likely pushing #InterlockRAT based on previous discussions I've had here, but I couldn't confirm, because it didn't like me.

Jul 3 at 10:21pmWeb
Show threadJoshua SmallJul 3

@malware_traffic Surely the average user would realise CAPTCHA was spelt wrong and see this wasn't legit.