Recently, over 100 websites belonging to car dealerships were found to serve malicious "ClickFix" code due to a supply chain attack that affected a third-party domain. According to security researcher Randy McEoin, the threat actor infected LES Automotive, a privately held streaming service provider based in Tolland, CT, that primarily focuses on the automotive industry. All websites using LES Automotive's services shared a ClickFix webpage with their visitors. [1]
clickfix (4)
The websites of over 100 car dealerships were found serving malicious ClickFix code after a third-party domain was compromised in a supply chain attack. As part of the compromise, a threat actor infected LES Automotive, a shared video service unique to dealerships, so that websites using the service would serve a ClickFix webpage to their visitors.
A ClickFix attack relies on malicious code on a webpage to display a prompt to the user, asking them to fix an error or perform a reCAPTCHA challeng
If you are looking to plan a future vacation, take a minute to scrutinize hotel and travel service booking sites. Hotel and hostel workers are being tricked into downloading credential-stealing malware by cybercriminals impersonating Booking[.]com. In a phishing campaign that began in December 2024 and continued through February, the threat actors are targeting people in the hospitality industry across North America, Southeast Asia and Europe who are likely to work with Booking[.]com and to op
Recently, over 100 websites belonging to car dealerships were found to serve malicious "ClickFix" code due to a supply chain attack that affected a third-party domain. According to security researcher Randy McEoin, the threat actor infected LES Automotive, a privately held streaming service provider based in Tolland, CT, that primarily focuses on the automotive industry. All websites using LES Automotive's services shared a ClickFix webpage with their visitors. [1]
