Hackers hijack websites, deploy problems instead

Guess what is back in the news and we’ve talked about in the past? If you guessed Click Fix, you’re correct.

The image shows a web browser with a partially obscured URL and a message instructing the user to verify they are human by completing an action. A pop-up titled “Run” is open, displaying a command line input with a PowerShell command that includes a remote address. The verification message instructs the user to press Windows key + R to open the Run dialog, press Ctrl + V to paste the command, and click OK to continue. This appears to be a suspicious or potentially harmful prompt.

This is one just prompt you’ll see. We have talked about this in numerous podcasts and blog posts.

At least 80 domains are used, and they can do anything from fake browser updates, to telling you that they’re fixing an issue.

As we say and the article goes in to detail, it is recommended not to run commands you’re not sure of. Also, update your browser through auto update or through help, about which can trigger the update if you’re behind.

The article goes in to detail, so I won’t bore you on taking this apart, but a new research team is finding this, and it seems like its not going anywhere.

It may also be doing more things than what we first talked about too.

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks