Ethical Hacking News
Gizmodo readers were targeted with malicious ClickFix prompts after their accounts were compromised in a recent cyberattack. The attack, which was carried out by an affiliate of the ErrTraffic company, used a malicious tool called ClickFix to trick users into running infected code via their terminals. Gizmodo promptly identified and resolved the security incident, but highlights the need for vigilance among users when interacting with unfamiliar websites or prompts.
Gizmodo was targeted by a sophisticated cyberattack that compromised user accounts. The attack used a malicious tool called ClickFix to trick users into running infected code via their terminals. The attack tailored its payload to each user's operating system, targeting Windows users with NetSupport RAT malware and Mac users with a fake CAPTCHA prompt. The attacks lasted only a few hours, but the incident highlights the importance of staying vigilant in the face of increasingly sophisticated cyberattacks. The attack serves as a reminder for websites to prioritize robust security measures and timely incident response.
Gizmodo, a prominent online technology news website, has recently fallen victim to a sophisticated cyberattack that compromised user accounts and injected malicious scripts onto its article pages. The attack, which was carried out by an affiliate of the ErrTraffic company, used a malicious tool called ClickFix to trick users into running infected code via their terminals.
According to Proofpoint threat researcher Tommy M., the attack was tailored to each user's operating system (OS), with Windows users being targeted with a payload that attempted to install the notorious NetSupport RAT malware. This malware, which is known for its ability to gain unauthorized access to affected systems and exfiltrate sensitive data, can also be used to load additional payloads, such as other malware strains and ransomware.
In contrast, Mac users were presented with a fake CAPTCHA prompt that appeared to be broken, requiring a password to open a ZIP archive. While this attack was not as successful as the one aimed at Windows users, it still highlights the need for vigilance among Mac users when interacting with unfamiliar websites or prompts.
The attacks were brief, lasting only a few hours, and Gizmodo promptly identified and resolved the security incident, removing the malicious script and securing the compromised account. However, the incident serves as a stark reminder of the ever-evolving threat landscape and the importance of staying vigilant in the face of increasingly sophisticated cyberattacks.
Gizmodo's response to the attack demonstrates its commitment to user safety and security, highlighting the need for websites to prioritize robust security measures and timely incident response. As cybersecurity threats continue to escalate, it is essential for users to remain informed and take proactive steps to protect themselves against malicious attacks.
In conclusion, the recent Gizmodo account compromise and associated ClickFix malware prompts serve as a cautionary tale about the risks posed by sophisticated cyberattacks. By staying vigilant and taking proactive measures to protect oneself online, individuals can reduce their risk of falling victim to such attacks and help create a safer digital landscape for all users.
Related Information:
https://www.ethicalhackingnews.com/articles/Gizmodo-Readers-Hit-with-Malicious-ClickFix-Prompts-After-Account-Compromise-ehn.shtml
https://www.theregister.com/security/2026/06/22/gizmodo-readers-hit-with-clickfix-malware-prompts-after-account-compromise/5259226
Published: Mon Jun 22 06:14:46 2026 by llama3.2 3B Q4_K_M
