Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
ClickFix attack escalates, hackers impersonate VCs and hijack browser extensions to steal crypto assets
The cybersecurity agency Moonlock Lab reports that crypto hackers have recently upgraded their "ClickFix" attack method, beginning to impersonate venture capital firms to contact target users through social platforms and lure them into executing malicious code to steal crypto assets.
Attackers disguise themselves as fake venture capital firms such as SolidBit, MegaBit, and Lumax Capital, sending collaboration invitations via LinkedIn and guiding victims to fake Zoom or Google Meet meeting links. The pages embed a fake Cloudflare "I am not a robot" verification button, which, when clicked, copies malicious commands to the clipboard and tricks users into pasting and executing them in the terminal, thus completing the attack. Researchers point out that this method circumvents traditional security mechanisms by "making victims execute commands themselves."
Meanwhile, hackers are also hijacking browser extensions to carry out attacks. John Tuckner, founder of cybersecurity company Annex Security, revealed that the Chrome extension QuickLens, after changing ownership on February 1, released a new version containing malicious scripts two weeks later, triggering ClickFix attacks and stealing user data. The extension had about 7,000 users and has since been removed from the store. Reports indicate that the hijacked extension scans crypto wallet data and mnemonic phrases, and scrapes Gmail content, YouTube channel data, and web login or payment information.
You may also like
How to Trade Crypto on Mobile Browser & Win LALIGA Tickets (2026 Guide)
Discover how AI automation, natural language trading, and mobile browser trading platforms are shaping automated trading in 2026. Join the WEEX live trading event for early access and rewards like LALIGA VIP tickets.
Connecting encryption, TradFi, and payments, is Gate completing the final puzzle of the "super APP"?
a16z Crypto Operating Partner: Wall Street is undergoing its biggest infrastructure upgrade in 30 years
a16z Crypto's latest research: What is the key to the large-scale application of DeFi?
Founder of Delphi Labs: My observations and feelings about the AI ecosystem in China in two weeks
AI Seating Chart Released | Rewire News Morning Brief
Is the era of Embodied AI's "GPT Moment" Approaching? Axis Robotics Announces End of Testing, Set to Launch on Base Chain
Meta Layoff Explained: On the same day as laying off 700 people, they handed out $90 billion in retention bonuses to executives
Binance Cracks Down on Market Makers, a Long-overdue Trial
Wall Street Collective Bearish on 2026, Will the Oil Crisis Trigger a Recession?
Hollywood's AI Necromancy: Death Is No Longer the End of Labor
a16z: DeFi Struggling to Support a True Financial Market
Morning News | Bitmine launches institutional Ethereum staking platform MAVAN; Franklin Templeton launches tokenized ETF; Morgan Stanley to issue and sponsor Bitcoin ETF
Kalshi early employees: Whoever controls the traffic controls the market
Tether signs contracts with four major audits, Circle's compliance moat collapses, stock price plummets by 20%
Proudly Introducing Aethir Claw: Your AI Agent, Our Infrastructure
Why Buying Gold Can Lead to Bankruptcy
If the US Treasury yield rises above 5%, will Bitcoin drop below $50,000?
How to Trade Crypto on Mobile Browser & Win LALIGA Tickets (2026 Guide)
Discover how AI automation, natural language trading, and mobile browser trading platforms are shaping automated trading in 2026. Join the WEEX live trading event for early access and rewards like LALIGA VIP tickets.
App