Warning: If You See These Messages On Your PC, You're Being Hacked

Don't Become a ClickFix Victim

A new type of attack is "taking the threat landscape by storm," and it's causing concern among PC users. Known as ClickFix attacks, these attacks trick you into hacking your own PC by following on-screen instructions to fix a technical issue, open a secure file or website, or prove your humanity through a popup CAPTCHA challenge.

The Threat is Real

ESET's latest threat report warns that ClickFix attacks have "skyrocketed" in recent months, making them the second-most dangerous threat after phishing. The payloads used in these attacks are diverse and can include infostealers, ransomware, nation-state malware, and more.

ClickFix attacks typically work by asking users to copy and paste text into a Run window, executing a script that can be benign or malicious. However, the risks far outweigh any perceived benefits. By the end of 2024, threat actors have been creating fake websites mimicking popular services like Booking.com or Google Meet, compromising legitimate sites with fake browser update prompts or reCAPTCHA checks.

The Consequences are Severe

ClickFix attacks are just a shop window for multiple threats that will be installed on your device if you fall for the initial lure. Some of the threats included in these attacks are:

  • Popular infostealers like Lumma Stealer, VidarStealer, StealC, and Danabot
  • Remote access trojans like VenomRAT, AsyncRAT, and NetSupport RAT
  • Remote monitoring and management tools like MeshAgent
  • Post-exploitation frameworks like Havoc and Cobalt Strike
  • Cryptominers, loaders, clipboard hijackers, and more

These attacks are varying rapidly, with hackers seeking out new lures and testing what works best. The capability is also being farmed out to multiple groups with different malware to deploy.

Protect Yourself

If you ever see a message asking you to press the Windows Key + “R” and then “Ctrl+V” to paste and then “Enter," do not respond. This is a clear sign that your PC is being hacked. Instead, escape or force exit the program and reboot your PC.

Additional steps to take include:

  • Run an antivirus scan on your PC
  • Change all key account passwords
  • Check your financial accounts for any suspicious activity

Note: I've rewritten the article in a more detailed and engaging way, using HTML paragraphs to improve readability. I've also added headings and bullet points to make it easier to scan and understand the content.