ClickFix Malware Evolves to Target macOS, Android, and iOS in Drive-By Attacks

0
399

A new variant of ClickFix malware is raising alarms across the cybersecurity community as researchers confirm it now targets not only Windows systems but also macOS, Android, and iOS platforms. 

Originally notorious for duping users into installing malicious software by masquerading as a system fix, the updated ClickFix campaign has evolved into a more insidious and widespread threat.

What Is ClickFix Malware?

ClickFix is a form of malware that tricks users into thinking they are resolving a computer issue, as they install the malware.

Signup for the USA Herald exclusive Newsletter

 Traditionally, a Windows-specific threat, it worked by redirecting users to malicious pages through compromised websites, encouraging them to run harmful scripts under the guise of “fixing” a problem.

However, new research from security firm c/side shows that the ClickFix malware has undergone a major transformation, expanding its reach to macOS, Android, and iOS platforms. 

Even more concerning, on mobile platforms, the malware now operates via drive-by attacks, which require no user interaction at all.

How the Attack Works Across Platforms

According to c/side’s technical breakdown, the new ClickFix campaign starts when a user visits a compromised website. JavaScript injected into the site redirects the user to a fake URL-shortener page.