Cybercriminals are utilizing fake Google Meet notifications to distribute malware through a tactic known as ClickFix, tricking users into downloading malicious software. The attackers mimic legitimate services like Google Meet, prompting users to click on a 'Fix It' button that triggers the installation of malware on Windows and macOS devices. The campaign, identified by cybersecurity researchers at Sekoia, involves two cybercrime groups, 'Slavic Nation Empire' and 'Scamquerteo Team,' targeting cryptocurrency assets and decentralized finance users
The attackers use the same ClickFix template to impersonate Google Meet, sharing infrastructure and materials across teams. By bypassing traditional security measures and evading web browser security features, ClickFix poses a significant threat by executing various malware distribution campaigns, including infostealers, botnets, and remote access tools. To safeguard against ClickFix attacks, users are advised to exercise caution with error messages, verify scripts, utilize strong security software such as antivirus and anti-malware, be vigilant with links, and enable two-factor authentication for enhanced online account security.https://hackread.com/clickfix-fake-google-meet-alerts-windows-macos-malware/