May 31, 2026
C2 Hosts: 6
IClickFix
IClickFix is a malicious JavaScript framework deployed on compromised WordPress sites to deliver further malware using the ClickFix social engineering tactic and fake Cloudflare Turnstile CAPTCHA challenge.
C2 Infrastructure
Hosting/VPS 100%
Last 7 days
| Date | C2 Hosts |
|---|---|
| May 31, 2026 | 6 |
Further Reading
Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic opens in a new tab
Uncover IClickFix: a malicious framework exploiting the ClickFix tactic in widespread malware campaigns to deliver NetSupport RAT.
blog.sekoia.io
How ClickFix Opens the Door to Stealthy StealC Information Stealer opens in a new tab
This analysis examines an attack chain targeting Windows systems through social engineering using fake CAPTCHA to trick users into executing PowerShell commands.
levelblue.com