Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
Hosted on MSN

A fake Windows Update screen is fooling Windows users into installing malware

Full-screen fake Windows Update or captcha tricks users into pasting and running attacker commands. Malware is steganographically stored in PNG pixels; a .NET Stego Loader extracts, decrypts, and runs ...
Bleeping Computer

ClickFix attack uses fake Windows Update screen to push malware

ClickFix attack variants have been observed where threat actors trick users with a realistic-looking Windows Update animation in a full-screen browser page and hide the malicious code inside images.
Hosted on MSN

Fake Windows Update screens are being used to convince users to install malware now, proving that nothing is sacred in the cybersecurity world

If you're anything like me, you keep a sharp eye on your Windows Defender updates to make sure your PC is protected against the latest threats. However, while Defender is remarkably good at catching ...
PC World

Watch out for this fake ‘Windows Update’ malware scam that’s going around

Security researchers from Huntress are warning the public about a new variant of ClickFix, one of the most popular scam methods right now. In this variant, you’re hit with a full-screen browser page ...