{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreieisxwj4dhukcf53voweh4csdluuat6wfb4ab33f2lymllfvpiski",
    "uri": "at://did:plc:xb5etev7ncohgebas3kjeqek/app.bsky.feed.post/3miy5dzxdfsv2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreifscc5b7le277jnle6i6zlbyvwpw4ppje5vbahxz2w3kaaahvyxva"
    },
    "mimeType": "image/jpeg",
    "size": 36915
  },
  "path": "/clickfix-attack-node-js-malware-tor-steal-crypto/",
  "publishedAt": "2026-04-08T09:15:51.000Z",
  "site": "https://hackread.com",
  "tags": [
    "Security",
    "Malware",
    "Scams and Fraud",
    "ClickFix",
    "Crypto",
    "Cyber Attack",
    "Cybersecurity",
    "Node.js",
    "RAT",
    "Tor",
    "Windows"
  ],
  "textContent": "Netskope Threat Labs report a new ClickFix attack using fake CAPTCHAs to deploy Tor-backed NodeJS malware and drain crypto wallets on Windows.",
  "title": "New ClickFix Attack Uses Node.js Malware via Tor to Steal Crypto"
}