Skip to main content
  1. Home
  2. Computing
  3. News

Whatever you do, don’t click this error if you see it pop up

By
Example of the fake Chrome error hackers to trick people into installing malware.
Proofpoint

Hackers have devised a new, deceptive method to trick users into installing a malware named ClickFix, according to cybersecurity firm Proofpoint. The scheme involves enticing users with fake solutions to common errors in popular services such as Chrome, OneDrive, and Microsoft. Once users download and execute these “fixes” by clicking the Copy fix button, they unwittingly run a PowerShell or a Windows Run dialogue command that compromises their systems.

This dialogue installs a “root certificate” to flush the DNS cache, remove the clipboard content, show a fake message, and install an additional remote PowerShell script that does an anti-VM check before the info-stealer is installed. Various hacker groups, including those responsible for ClearFake, allegedly use this method. Proofpoint details how hackers exploit jeopardized sites by incorporating a malicious script handed over by Binance’s Smart Chain contract on the blockchain to spread malware and infect susceptible Windows computers.

Recommended Videos

The script will perform a series of checks to see if your computer is an acceptable candidate before downloading more payloads. It doesn’t end there since users also need to be aware of an email-based threat that uses HTML attachments with a Word look to them. These attachments will encourage users to download a “Word Online” extension to see the file.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

This other threat also has a high level of user interaction since a PowerShell command needs to be executed. Proofpoint spotted payloads such as Matanbuchus, DarkGate, NetSupport, XM Rig, Amadey Loader, a clipboard hijacker, and Lumma Stealer.

As scary as this might sound, there are plenty of precautions you can take to prevent falling victim to this type of sneaky attack. One such precaution is using one of the best antivirus programs, such as Norton or Bitdefender. Always be careful with the attachments you download, even from a trustworthy source. Remember never to copy or paste any code unless you know what it does.

By taking these precautions and staying informed on the latest threats, you can increase your chances of avoiding them.

Judy Sanhz
Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
Topics

Editors’ Recommendations

Intel’s instability update cuts speed by up to 6.5% — but don’t panic yet
Intel Core i5-14600K processor inside its socket.

Intel has finally gotten a grip on its disastrous instability problems that have been the bane of some of Intel's best processors for nearly a year, including the Core i9-13900K and Core i9-14900K. The update was released last week, and users are now taking it out for a spin. And unfortunately, some are reporting performance drops of up to 6.5%.

A user on the Chiphell forums tested the new BIOS patch that is supposed to address instability on Intel's 13th-gen and 14th-gen CPUs. The user twfox saw a drop of around 6.5% with the Core i9-13900K in Cinebench R15's single-core test, at least compared against Wccftech's own tests. In the more recent Cinebench R23, the Core i9-14900K dropped about 2% of its multi-core score, falling behind AMD's Ryzen 9 7950X.

Read more
Don’t trust that Google sign-in — how hackers are swiping passwords in Chrome
Google Chrome browser running on Android Automotive in a car.

Hackers are swiping passwords from Google accounts in Chrome, and it can happen from the official Google sign-in page. The vehicle being used is called the AutoIt Credential Flusher, and it was discovered by the researchers at OALabs. The attack locks you into your browser at the Google sign-in page and doesn't allow you to leave, all while logging your email and password as you sign into your Google account.

The attack leverages "kiosk mode" in Chrome, which is a limited full-screen interface that doesn't have elements like the address bar or navigation buttons. It's used mainly for demonstration purposes -- think a laptop on display at Best Buy. And this attack is using kiosk mode to annoy users enough that they give up their passwords. It also blocks some normal commands to exit full-screen mode, such as Esc and F11. 

Read more
I tested AMD’s latest claims about Ryzen 9000, and they don’t hold up
The Ryzen 9 9950X between someone's fingertips.

AMD says that gaming performance on Ryzen 9000 is actually better than what you've read. As you can read in our Ryzen 9 9950X and Ryzen 9 9900X review, AMD's new Zen 5 CPUs are the best processors you can buy when it comes to productivity. Gaming performance, on the other hand, is disappointing.

According to a new blog post from AMD, there are a few reasons why reviewers saw lower gaming performance than expected. Chief among them are the fact that AMD used an unreleased version of Windows 11 -- the 24H2 update, which is available to Windows Insiders -- and that it used an administrator account for its "automated test methodology." In light of that, I downloaded the Windows update, spun up an admin account, and retested the Ryzen 9 9950X. And I'm not seeing what AMD claims at all.

Read more