State-sponsored threat actors are using the ClickFix attack technique, according to research from Proofpoint.
At least three groups, including Kimsuky (North Korean), MuddyWater (Iranian), and UNK_RemoteRogue and APT28 (both allegedly Russian), have been observed using ClickFix in their attack chains.
ClickFix is a social engineering tactic that tricks victims into installing remote desktop programs, allowing the attackers to download and run malware.
The state-sponsored actors that have adopted ClickFix are primarily engaged in cyber-espionage, targeting organizations in adversary states.