ClickFix Chaos: How Hackers Turn Legitimate Software Into Cyber Nightmares

Threat actors are using the ClickFix technique to deliver NetSupport RAT, a remote access trojan, via bogus websites and fake browser updates. This scheme allows attackers full control over the victim’s device. Originally a legitimate IT tool, NetSupport RAT is now a favorite for cybercriminals targeting sensitive information.

3P
Published: February 11, 2025 10:12 amAdded: February 11, 2025 at 2:43 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Why bother asking for remote support when cybercriminals are already on the line, eager to help themselves to your data? With hackers using ClickFix to distribute NetSupport RAT, it seems like IT support is branching out into some rather shady customer service roles. Maybe they’ll start offering a ‘Get Hacked While You Wait’ program next!

Key Points:

  • NetSupport RAT is being spread using a new technique called ClickFix.
  • ClickFix involves fake CAPTCHA pages to trick users into executing malicious commands.
  • NetSupport RAT allows full control over infected devices for hackers.
  • The technique has also been used to spread an updated Lumma Stealer malware.
  • Cybercriminals are repurposing legitimate tools for malicious activities.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?