Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.
M5 MacBook Pro
M5 MacBook Pro
The tactic, known as ClickFix, disguises malware delivery as a routine human verification step. Victims are instructed to open tools like Terminal or a command prompt and paste a command to complete verification.
Running the command installs malicious software on the system. Stolen data can include passwords, browser information, and cryptocurrency wallets.