Devious new ClickFix malware variant targets macOS, Android, and iOS using browser-based redirections

When you buy through links on our articles, Future and its syndication partners may earn a commission.
Security researchers found ClickFix attacks evolving to target other operating systems
On Android and iOS, the attack is particularly worrisome, as it transforms into a drive-by attack
The malware is already being flagged by antivirus programs
ClickFix, an infamous hacking technique that tricks people into running malware thinking they're fixing a problem on their computer, has evolved, experts have warned.
New research from c/side has revealed what used to be a Windows-only attack method is now capable of targeting macOS, iOS and Android devices, as well.
In a blog post analyzing the evolution, the researchers said the new attack starts with a compromised website. The threat actors would inject JavaScript code which redirected users to a new browser tab when they clicked on certain elements on the page. The new tab then displays a page that looks like a legitimate URL shortener, with a message to copy and paste a link into the browser - and doing so triggers yet another redirect, this time to a download page.
Here is where the technique diverges, depending on the operating system of the victim.
On macOS, the attack leads to a terminal command that fetches and executes a malicious shell script, already flagged by multiple antivirus programs.
On Android and iOS, things are even worse, since the attack no longer requires any user interaction.
'When we tested this on Android and iOS, we expected a ClickFix variant. But instead, we encountered a drive-by attack,' the researchers explained.
'A drive-by attack is a type of cyberattack where malicious code is executed or downloaded onto a device simply by visiting a compromised or malicious webpage. No clicks, installs, or interaction required.'
In this case, the site downloads a .TAR archive file, holding malware. This one, too, was flagged by at least five antivirus programs already.
'This is a fascinating and evolving attack that demonstrates how attackers are expanding their reach,' c/side explained. 'What started as a Windows-specific ClickFix campaign is now targeting macOS, Android, and iOS, significantly expanding the scale of the operation.'
New ClickFix campaign spotted hitting both Windows and Linux machines
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Yahoo

3 hours ago

• Yahoo

Why Alphabet Stock Flopped on Friday

The company didn't have a good day in a top European court. The court's key advisor recommended that the tech titan's appeal against a large fine be rejected. 10 stocks we like better than Alphabet › Alphabet (NASDAQ: GOOG)(NASDAQ: GOOGL) stock didn't finish the trading week on a high note. The Google parent company's two listed shares both sank by nearly 4% in price that day, thanks in no small part to a development on the regulatory front. Those declines were notably more pronounced than the S&P 500 index's 0.2% slip on the day. Alphabet's key business unit Google is on the hook to pay a 4.1 billion euro ($4.7 billion) fine to the European Union (EU), after it ruled in 2018 that the company actively stifled search engine competition with its Android mobile operating system. The tech giant has, not surprisingly, appealed that fine. That appeal is now pending at the highest court in the EU, the Court of Justice of the European Union (CJEU). In what has to be considered a setback for Google/Alphabet, the CJEU's advocate-general -- the court's top advisory official -- recommended that Google's appeal be dismissed. In her recommendation, Juliane Kokott said that "Google held a dominant position in several markets of the Android-ecosystem and thus benefited from network effects that enabled it to ensure that users used Google Search." Although Kokott's recommendations are non-binding, CJEU justices typically accept and follow the advice of the court's advocate-general. Alphabet has not yet publicly commented on this latest development in its appeal. Alphabet did get something of a break with the fine, as it was cut slightly from the original amount of over 4.3 billion euros ($4.9 billion) to the 4.1 billion euros currently hanging over it. The company, sprawling and powerful as it is, can easily afford the fine in the likely case its appeal fails. However, a defeat would illustrate Alphabet's continued vulnerability to anti-competitive lawsuits like the EU's. Before you buy stock in Alphabet, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the for investors to buy now… and Alphabet wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $659,171!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $891,722!* Now, it's worth noting Stock Advisor's total average return is 995% — a market-crushing outperformance compared to 172% for the S&P 500. Don't miss out on the latest top 10 list, available when you join . See the 10 stocks » *Stock Advisor returns as of June 9, 2025 Suzanne Frey, an executive at Alphabet, is a member of The Motley Fool's board of directors. Eric Volkman has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends Alphabet. The Motley Fool has a disclosure policy. Why Alphabet Stock Flopped on Friday was originally published by The Motley Fool Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

Time Business News

11 hours ago

• Time Business News

Revolutionizing Workflow: How LoopMotion is Redefining Keyboard and Mouse Control Across All Operating Systems

In today's digital age, multitasking across multiple computers is becoming increasingly common. Whether you're a software engineer working between a Linux server and a MacBook, or a creative professional designing across Windows and macOS, switching between devices can be frustrating and time-consuming. Enter LoopMotion — a cutting-edge proximity-based switch that transforms how users control multiple systems with a single keyboard and mouse. With seamless switching, smart automation, and true cross-platform support, LoopMotion is set to change the game. Now available for early backers, LoopMotion is launching its product through a Kickstarter campaign — bringing innovation directly into the hands of modern professionals. LoopMotion is a proximity keyboard and mouse switch that lets users control multiple devices effortlessly. Unlike traditional KVM switches or software solutions that require manual toggling, LoopMotion automatically switches control based on your physical proximity to a device. This means you can walk closer to your laptop, and the system instantly transfers keyboard and mouse input to it. Walk away, and it switches back to your other machine. No clicks. No buttons. Just pure, seamless interaction. You can learn more about this device on the official LoopMotion website. One of LoopMotion's strongest features is its ability to work across Windows, macOS, and Linux — with no special configuration or software installation. It's plug-and-play and doesn't rely on network sharing, making it ideal for mixed-environment setups. The real innovation behind LoopMotion is its sensor-based design. It uses advanced proximity detection to recognize where the user is and instantly switches control. The transition is fast, intuitive, and completely automatic. With no need to press keys or use toggle buttons, LoopMotion ensures your workflow remains uninterrupted. This is a major boost for developers, content creators, and remote workers who frequently switch between machines during the day. Forget messy wires and confusing configurations. LoopMotion offers a clean, cable-free solution to managing multiple devices. With just one keyboard and mouse, your workspace becomes tidier and more efficient. LoopMotion is designed for anyone who works across multiple devices: Developers using test environments and main systems using test environments and main systems Graphic designers managing projects on different platforms managing projects on different platforms IT administrators who switch between machines constantly who switch between machines constantly Remote workers who separate work and personal computers who separate work and personal computers Streamers with dual-PC setups for gaming and broadcasting No matter your workflow, LoopMotion makes switching seamless. The team behind LoopMotion has launched a Kickstarter campaign to bring this product to life. Supporters have the opportunity to back the project and receive exclusive early-bird access to this groundbreaking tool. With LoopMotion, the future of device control is proximity-based, intelligent, and fully automated. The Kickstarter launch marks an important milestone — not just for the creators, but for anyone who's ever struggled with switching between computers efficiently. LoopMotion isn't just another tech gadget — it's a productivity revolution. It removes the friction of device switching and creates a more fluid, intelligent workspace. Whether you're coding, designing, streaming, or simply multitasking, LoopMotion gives you more control with less effort. Visit the LoopMotion website to explore the full feature set and support their journey through the Kickstarter page today. Experience the future of work — where switching between devices is as simple as moving closer to your screen. TIME BUSINESS NEWS

Tom's Guide

13 hours ago

• Tom's Guide

Windows parental controls are crashing Chrome — here's the workaround

Windows 11's Family Safety feature is supposed to block certain websites from children, but apparently it's also been causing issues with Google's Chrome browser, a (vastly more popular) competitor to Microsoft's own Edge. The problem first surfaced on Windows on June 3, per The Verge, when several users started noticing they couldn't open Chrome or their browser would crash randomly. Restarting their computer or reinstalling Chrome didn't fix the issue, and other browsers like Firefox and Opera appeared unaffected. On Monday, a Google spokesperson posted in the company's community forum that it had investigated these reports and found the issues were linked to Microsoft's new Windows Family Safety feature. This optional feature is primarily used by parents and schools to manage children's screen time, filter their web browsing, and monitor their online activity. Curiously, the bug has been going on for weeks now, and Microsoft still hasn't issued a patch. 'We've not heard anything from Microsoft about a fix being rolled out,' wrote a Chromium engineer in a bug tracking thread on June 10. 'They have provided guidance to users who contact them about how to get Chrome working again, but I wouldn't think that would have a large effect.' While this issue could be an innocent bug, Microsoft has a history of placing annoying hurdles between Edge and Chrome to entice users to stick with its browser. So anytime a technical snafu makes Chrome run worse on Windows PCs, Microsoft understandably gets some serious side eye. Thankfully, there seem to be two ways to get around this bug while we wait for Microsoft to issue a fix, and they're both fairly simple. The most straightforward is to turn off the "Filter Inappropriate Websites" setting. Head to the Family Safety mobile app or Family Safety web portal, select a user's account, and choose to disable "Filter inappropriate websites" under the Edge tab. However, that'll remove the guardrails on Chrome and let your child access any website, including the ones you were trying to block in the first place. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. If you want to keep the guardrails on and still use Chrome, some users reported that altering the name in your Chrome folder (to something like Chrome1, for example), got the browser to work again even with the Family Safety feature enabled.