Attackers Register 13,000 Domains, Leverage Cloudflare in ClickFix Attacks
Researchers have uncovered a surge in a new “ClickFix” browser-based malware campaign with more than 13,000 unique domain registrations luring users into executing malicious commands. The attack uses compromised hosting, including a portion behind Cloudflare, to deliver payloads through deceptive web prompts that appear benign.
More details can be found here: https://www.aitmfeed.com/blog/blog-1/tracking-clickfix-infrastructure-4
Davit Asatryan, VP of Research at Spin.AI, provided the following comments:
“Attackers registering 13,000 unique domains shows how fast traditional static domain lists fall behind. We need behavioral domain analysis to detect threats in real time, not after the fact. This is another reminder that browser security deserves as much attention as endpoint protection.”
This is yet another example of threat actors evolving to evade attempts to stop them. That means that defenders need to redouble their efforts to catch up at all costs.
This entry was posted on October 16, 2025 at 8:42 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.