Hosted on MSN

A fake Windows Update screen is fooling Windows users into installing malware

Full-screen fake Windows Update or captcha tricks users into pasting and running attacker commands. Malware is steganographically stored in PNG pixels; a .NET Stego Loader extracts, decrypts, and runs ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
PC Magazine

This Windows Update Screen Is Actually a Hacker's Trap

The fake update screen then encourages the user to press the Windows button together with the R key—a little-known function to open the run dialog box, a way to launch programs on a Windows PC. All ...
Forbes

Do Not Download These Windows Security Updates, Experts Warn

ClickFix attack employs fake Windows security udpates. Updated November 27 with another Windows update warning, along with threat intelligence from the Acronis Threat Research Unit regarding the use ...
Forbes

Do Not Click—This Porn Site Installs Malware On Your Device

This is wild and new. Attackers have worked out that malicious emails pushing links to adult sites will solicit plenty of clicks. Unfortunately, those clicks trigger a fake update that installs ...
Gizmochina

Updated ClickFix malware impersonates Windows update to steal your passwords, browser cookies, banking logins

A sneaky new strain of the ClickFix malware is making the rounds, and it’s going after the easiest victim of all: anyone who trusts a Windows update prompt. Security researchers at Huntress say the ...