The Australian Cyber Security Centre (ACSC) has issued a warning about ongoing ClickFix attacks that use social engineering to distribute the Vidar Stealer malware, targeting Australian organizations through compromised WordPress websites. These attacks present fake verification prompts that trick users into executing malicious PowerShell commands, leading to information theft.
The key point for security practitioners is that the ClickFix social engineering technique is being actively used to distribute Vidar Stealer by tricking users into executing malicious PowerShell commands themselves. To mitigate this risk, the ACSC recommends restricting PowerShell execution and implementing application allow-listing. Additionally, WordPress site administrators should ensure all themes and plugins are up to date and remove any unused components to prevent their sites from being exploited in these attacks.