New ClickFix Attack Uses Cmdkey and Regsvr32 Instead of PowerShell to Evade Detection

A new ClickFix variant is replacing PowerShell with native Windows tools, making the social engineering attack harder for security teams to detect. The campaign tricks users into running a command through the Windows Run dialog, then uses cmdkey and regsvr32 to load a remote DLL from attacker-controlled infrastructure. ClickFix attacks rely on user deception rather […] The post New ClickFix Attack Uses Cmdkey and Regsvr32 Instead of PowerShell to Evade Detection appeared first on VPN Central.