{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreicn3z7esk4ouegpa776cwx5katonifpr75vordemgdk4s5aml2pay",
"uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3momfgnbr2dz2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreigbme3ldf4znrqjpbphfceobr4vjresh3lnddf6vji33prq4cq5ty"
},
"mimeType": "image/webp",
"size": 68010
},
"path": "/clickfix-campaign-uses-etherhiding-and-guloader-to-target-windows-users-with-fake-captcha-pages/",
"publishedAt": "2026-06-18T18:23:06.000Z",
"site": "https://vpncentral.com",
"tags": [
"News",
"ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages",
"VPN Central"
],
"textContent": "A new ClickFix campaign is targeting Windows users through compromised WordPress sites, fake CAPTCHA prompts, blockchain-hosted payload delivery, and a remote GULoader infection attempt. The attack does not begin with a phishing email. In the case analyzed by Sicuranext, the victim reached a legitimate European small-business website through Google Search. The site looked normal. Product […]\n\nThe post ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages appeared first on VPN Central.",
"title": "ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages"
}