The websites of over 100 car dealerships were found serving malicious ClickFix code after a third-party domain was compromised in a supply chain attack. As part of the compromise, a threat actor infected LES Automotive, a shared video service unique to dealerships, so that websites using the service would serve a ClickFix webpage to their visitors.
A ClickFix attack relies on malicious code on a webpage to display a prompt to the user, asking them to fix an error or perform a reCAPTCHA challeng