Fake “Windows” update spreads malicious software
ملاحظة: النص المسموع ناتج عن نظام آلي
- "ClickFix" campaign uses fake Windows update to spread malware
- Attack steals passwords and sensitive data
Cybersecurity researchers warned of a new escalation in the fraudulent "ClickFix" campaign, which this time relies on impersonating Windows system updates to distribute malware in a sophisticated deception method that is hard to distinguish from real updates.
According to reports, the campaign abandoned the previously used "human verification" method and replaced it with a full-screen Windows update interface, complete with progress bars and familiar messages that trick the user into believing an urgent security update is required.
The victim is asked to open the "Run" window and paste a specific command, which, once executed, downloads malicious software without the user’s knowledge.
Experts explained that this command triggers a complex chain of infections starting with downloading an external script, then executing encrypted commands, ending with installing spyware designed to steal passwords, cookies, and other sensitive data.
The attack’s danger lies in its use of advanced hiding techniques, embedding the malicious code inside seemingly normal image files, allowing it to run directly in memory without creating visible files on the device, making it difficult for traditional security software to detect.
After reconstructing the malicious code, it is injected into trusted Windows processes to run stealthily.
Reports indicated that the campaign distributed spyware tools known for their ability to steal login data and send it to attackers with minimal digital traces.
Specialists advised users not to execute any commands requested by websites, to ensure system updates are performed exclusively through official Windows settings, to use trusted security software, and to check website URLs before interacting with them.
Experts emphasized that the success of this type of attack depends entirely on user interaction, exploiting the high level of trust in system updates, making caution and vigilance the first line of defense.