Crypto Professionals in the Firing Line as ClickFix Scam Spreads
ClickFix attackers are impersonating VCs and hijacking browser extensions like QuickLens to steal crypto assets.Summary
Crypto hackers are escalating 'ClickFix' attacks by impersonating venture capital firms like SolidBit, MegaBit, and Lumax Capital via LinkedIn to lure victims into running malicious commands through fake verification links. This technique forces the victim to execute the payload manually, bypassing standard security controls. Moonlock Lab identified a person named Mykhailo Hureiev associated with the initial contact phase of the VC impersonation scam. Separately, the Chrome extension QuickLens was compromised after a change in ownership, leading to the distribution of malware that executed ClickFix attacks, stealing crypto wallet data, seed phrases, and other sensitive information from around 7,000 users before being removed. The ClickFix technique, which forces manual execution of malicious code, has been growing in popularity since last year, targeting various industries globally.
(Source:Cointelegraph)