Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

ClearFake Increases Web3 Exploitation

March 20, 2025
Reading Time: 2 mins read
in Alerts
Signal Malware Targets Ukraine Defense

The ClearFake campaign has evolved significantly, particularly with its adoption of new tactics and technologies. As of May 2024, the attackers introduced a technique called ClickFix, which deceives victims into running malicious PowerShell commands disguised as solutions for non-existent technical issues. This new approach is part of a broader shift towards integrating Web3 technologies, where the attackers interact with Binance’s Smart Chain (BSC) contracts to load JavaScript code and encrypted payloads.

This technique helps the campaign evade traditional security measures, making detection and analysis more challenging.

ClearFake’s updated framework now incorporates a multi-stage attack process that starts when a victim visits a compromised website. The victim is then redirected to a phishing page that uses BSC-hosted JavaScript to fingerprint their system, followed by the decryption of ClickFix-related HTML code hosted on Cloudflare Pages. Once the victim runs the malicious PowerShell command, it triggers the deployment of a loader that installs malware, including Lumma Stealer.

This makes the campaign highly adaptive, as it leverages trusted platforms and advanced evasion methods to distribute its payload.

The use of smart contracts for system fingerprinting and payload delivery represents a significant technological shift in ClearFake’s attack methodology. By utilizing BSC, the attackers create a more resilient attack chain, which is harder to trace and stop. Additionally, the malicious infrastructure is regularly updated with new JavaScript and AES key combinations, making it difficult for security solutions to detect or block. These changes make the ClearFake campaign far more sophisticated and harder to defend against, particularly for unprotected systems.

ClearFake’s adoption of Web3 and blockchain-related techniques demonstrates a more advanced and persistent threat landscape. The introduction of ClickFix, alongside ongoing updates to the framework, shows that the attackers are keen on adapting their methods to bypass evolving security defenses. The campaign has grown to affect thousands of websites globally, with over 200,000 unique users potentially exposed by mid-2024. The shift to more dynamic attack vectors signals a troubling trend of increasingly sophisticated malware campaigns targeting both individuals and organizations.

Reference:
  • Scareware Phishing Campaign Shifts Focus From Windows to macOS Targets
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityMarch 2025
ADVERTISEMENT

Related Posts

Scattered Spider Hits ESXi Servers

Scattered Spider Hits ESXi Servers

July 28, 2025
Scattered Spider Hits ESXi Servers

Malware Hides in Fake Dating Apps

July 28, 2025
Scattered Spider Hits ESXi Servers

Post SMTP Bug Exposes 200K Sites

July 28, 2025
Infostealer Hidden in Steam Game

Sophos, SonicWall Patch Critical RCE Bugs

July 25, 2025
Infostealer Hidden in Steam Game

CastleLoader Uses Clickfix on Windows

July 25, 2025
Infostealer Hidden in Steam Game

Koske Malware Hides in Panda Images

July 25, 2025

Latest Alerts

Post SMTP Bug Exposes 200K Sites

Malware Hides in Fake Dating Apps

Scattered Spider Hits ESXi Servers

CastleLoader Uses Clickfix on Windows

Sophos, SonicWall Patch Critical RCE Bugs

Koske Malware Hides in Panda Images

Subscribe to our newsletter

    Latest Incidents

    Cyberattack Hits French Naval Group

    Tea App Leak Exposes 13K Women Users

    Allianz Life Data Breach Hits Majority

    Hackers Target Amazon’s AI Code Bot

    Infostealer Hidden in Steam Game

    APTs Use Fake Dalai Lama Apps to Spy

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial