Phishing Kit 'ClickFix' Automates Malware Delivery

A new phishing kit, the IUAM ClickFix Generator, is automating sophisticated social engineering attacks by creating fake browser verification pages. The tool tricks victims into manually running malicious commands, using clipboard injection to deliver malware like the DeerStealer and Odyssey infostealers across multiple operating systems. By commoditizing this "ClickFix" attack method, the kit lowers the barrier for cybercriminals of all skill levels to launch effective campaigns. This trend highlights the growing threat of phishing-as-a-service, where complex attack tools are made easily accessible. Users are warned to never manually execute commands prompted by a website to prove they are human.

Latest mentioned: 10-08

Earliest mentioned: 10-08

Sources

gbhackers.com paloaltonetworks.com

Also Read

PhantomRaven Supply-Chain Attack Infects npm Ecosystem

Koi Security has discovered a massive supply-chain attack called PhantomRaven, which has infected the npm ecosystem with 126 malicious packages downloaded over 86,000 times. The campaign, active since August 2025, steals npm authentication tokens, GitHub credentials, and CI/CD secrets by concealing malicious code in dependencies. The attackers used Remote Dynamic Dependencies (RDD) to bypass security scanners, making the packages appear harmless. The malware executed automatically during installation, performing aggressive reconnaissance and exfiltration. Koi Security noted the use of AI-driven slopsquatting to create plausible-sounding package names, tricking developers into trusting malicious packages.

10-31Read more →