Fail-proof exploit of ‘verification fatigue’: SlashNext highlighted that the campaign’s success stems largely from its exploitation of human psychology.”Modern internet users are inundated with spam checks, CAPTCHAs, and security prompts on websites, and they’ve been conditioned to click through these as quickly as possible,” Kelley added. “Attackers exploit this ‘verification fatigue,’ knowing that many users will comply with whatever steps are presented if it looks routine.”The absence of immediate red flags like suspicious downloads, added with deceptive design using trusted branding and interface, provides a false sense of security.”We have seen an increasing number of this type of attack over the past several months and have had multiple customers inquire about possible ways to hinder the attack,” Litty said. “Because of their limited visibility into browser behavior, AV products and other endpoint protection solutions tend to miss these attacks.”Litty noted a need for browser-specific solutions, including tools for browser isolation, that can detect a website that writes content into the clipboard and flag it to users.ClickFix tactics aren’t anything new and have been picked up in recent years by nation-state actors, most notably in the “Contagious Interviews” campaign linked to the North Korea-aligned Kimsuky group. Other notable state-sponsored actors known for using ClickFix include MuddyWater(Iran), APT28 and UNK_RemoteRogue(Russia).
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4003056/new-phishing-campaign-hijacks-clipboard-via-fake-captcha-for-malware-delivery.html
