ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware
ClickFix is not malware but a very successful social engineering technique. It relies primarily on MFA verification fatigue and fake CAPTCHA pages to install malware silently.
Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check. The Cloudflare check is called Turnstile and has replaced the earlier Cloudflare CAPTCHA process in keeping with an industry-wide migration toward frictionless security.
Cloudflare is a well-known and widely used service designed to improve the security and performance of websites. Most internet users will have come across a Cloudflare Turnstile challenge en route to a website and will not be surprised to see one. Turnstile operates by running non-intrusive JavaScript challenges to verify human activity.
For the complete article, see the Security Week article.
See more on the SlashNext blog.