Do not open this website.
This is wild and new. Attackers have worked out that malicious emails pushing links to adult sites will draw plenty of clicks. Unfortunately, those clicks trigger a fake update that installs dangerous malware on your device. As tempting as it may be, do not click.
The team at Acronis warns the “novel ‘JackFix’ attacks” combine “screen hijacking techniques with ClickFix, displaying a realistic, full-screen Windows Update of ‘Critical Windows Security Updates’ to trick victims into executing malicious commands.”
We have seen plenty of seemingly innocuous lures to drive ClickFix attacks, most being fake captchas and technical support pop-ups. But this new campaign “leverages fake adult websites (xHamster, PornHub clones) as its phishing mechanism.”
Fake porn website. (Image: Acronis)
Acronis says “the adult theme, and possible connection to shady websites, add to a victim’s psychological pressure, making victims more likely to comply with sudden ‘security update’ installation instructions.”
The attack itself hijacks a PC’s entire screen, “displaying an authentic looking Windows Update screen — complete with the appropriate animations, a counting-up percentage of progress and the appearance of going full screen.”
Fake Windows update screen. (Image: Acronis)
The attack is executed entirely within the PC’s browser, and Acronis says the resulting screen hijacking “is something we haven’t seen done before this campaign, but the principle is well proven and goes back over 15 years.” The adult content is the new twist on a theme, enticing users to click before “the trap is sprung.”
Psychologically, the lure is designed to catch you when you’re on edge, clicking something you know you probably shouldn’t. And so when an urgent security update screen opens, you’re more likely to be tricked into engaging.
Staying safe is easy. Don’t access adult sites from links in emails or messages or pop-ups. As with any other website, access it directly using the usual means.
