A new malicious campaign tricks people by pretending to be Google Chrome, Word, or OneDrive errors. They use these fake alerts to convince users to run harmful PowerShell "fixes" that actually install malware. This campaign involves several cyber threat groups, including ClearFake and others like ClickFix and TA571. ClearFake has previously used tricks where websites ask users to update their browser, but the update actually installs malware. In the latest attacks, cybercriminals use JavaScript in email attachments or hacked websites. They show fake error messages that look like they're from Google Chrome, Word, or OneDrive. These messages tell users to click a button to copy a PowerShell "fix" onto their computer. They're then told to run this script in a special Windows tool called PowerShell. Even though these attacks need users to do several things to work, the trickery is clever enough to make people think there's a real problem that needs f...
I am a technology writer with a focus on cybersecurity. I cover topics such as malware, vulnerabilities, exploits, and security defenses, as well as research and innovation in information security.