Fix the Click Preventing the ClickFix Attack Vector
Executive Summary
In this article, we share hunting tips and mitigation strategies for ClickFix campaigns and provide an inside view of some of the most prominent ClickFix campaigns we have seen so far in 2025:
- Attackers distributing NetSupport remote access Trojan (RAT) are ramping up activities with a new loader.
- Attackers distributing Latrodectus malware are luring victims with a new ClickFix campaign.
- Prolific Lumma Stealer campaign targeting multiple industries with new techniques.
ClickFix is an increasingly popular technique that threat actors use in social engineering lures. This technique tricks potential victims into executing malicious commands, under the pretense of conducting “quick fixes” for common computer issues.
These campaigns use the reputations of legitimate products and services to hide their activities in a way that makes them more difficult to spot. This does not imply that the author of the executable file is at fault or liable for the outcome caused by the malware.
ClickFix campaigns have impacted organizations in a wide variety of industries, including:
- High technology
- Financial services
- Manufacturing
- Wholesale and retail
- State and local government
- Professional and legal services
- Utilities and energy
To read the complete article see: