Security researchers from Huntress are warning the public about a new variant of ClickFix, one of the most popular scam methods right now. In this variant, you’re hit with a full-screen browser page that claims an important security update needs to be installed via Windows Update.

During the “installation” of this fake update, a hidden malicious command is copied to your clipboard. Then, you’re asked to press a specific combination of keyboard keys in this order: Windows key + R (which opens the Run window), Ctrl + V (which pastes the malicious command into the Run window), then Enter (which runs the malicious command).

If you follow the instructions as stated, the LummaC2 and Rhadamanthys malware gets installed on your system through a system of complex exploits. That malware can then

See Full Page