Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
Hosted on MSN

A fake Windows Update screen is fooling Windows users into installing malware

Full-screen fake Windows Update or captcha tricks users into pasting and running attacker commands. Malware is steganographically stored in PNG pixels; a .NET Stego Loader extracts, decrypts, and runs ...
AZ Central

Fake Windows Defender notifications are on the rise

Scammers are using fake Windows Defender pop-ups with real looking phone numbers to trick users. These fraudulent warnings are not from Microsoft and aim to gain remote access to your computer. A ...
WTOP News

Data Doctors: Beware fake Windows Defender alerts

Q: Are Windows Defender warnings that pop up with a phone number legit? A: Microsoft’s built-in security tool has improved over the years, and it still blocks plenty of everyday threats. But the ...
CSOonline

New ClickFix attacks use fake Windows Update screens to fool employees

CSOs and Windows admins should disable the ability of personal computers to automatically run commands to block the latest version of the ClickFix social engineering attacks. This advice comes from ...