The attackers create fake sites similar to the official website of the spectrum provider. They want to pass through Captcha at the entrance of such a user page. When he presses on “I am not a robot”, an error message and an alternative verification sentence appear. By pressing the button, a person receives instructions for starting a team at the terminal. In MacOS, this team starts a script that stole the passwords and sets the virus – Atomic MacOS Stealer (AMOS).
Researchers believe that there are Russian -speaking hackers because Russian comments are in the code. Problems with logic on sites (for example, Windows instructions for Linux and MacOS users) indicate that everything is in a hurry.
Clickfix has already been used in other attacks – “cookies” from booking.com to fake e -mail fake buttons. Users are asked to be careful and not to start suspicious commands from the network.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
