Windows users warned of major security issue – here’s why FileFix attack could be a big concern


Ellen Jennings-Trace

25 June 2025

New ClickFix-style social engineering attack developed


A researcher has developed a new social engineering attack
The attack, a variant of the existing ClickFix issue, has been called FileFix
Windows users are at risk, so be on your guard

A new version of popular social engineering tool ClickFix has been developed, potentially putting Windows users at risk.

A cybersecurity researcher who goes by the name mr. dox has developed a new version of ClickFix, a browser-based attack, often disguised as a captcha, that tricks victims into pressing a button which then copies a command to the Windows clipboard. From there, users are encouraged to paste the command into a prompt to ‘fix’ an issue.
The new tool, dubbed FileFix, allows cybercriminals to execute commands on the victim system through the File Explorer address bar in Windows. The new attack works on a similar premise, but uses Windows File Explorer to create a ‘highly plausible scenario’.


Sophisticated social engineering
This version of the phishing page is not based on a captcha, but rather a fake notification telling users a file has been sent to them, urging them to paste the path into File Explorer to find it.

This method could quite possibly be weaponised to trick users into downloading malicious payloads. “However, there is a downside to this variation that should be considered,” argues mr. dox.
“Microsoft Defender SmartScreen & Google Safebrowsing will usually warn users prior to saving executables so more clicks might be required from the user to make it work. However, I still included this method in case someone finds a good use for it or wants to use in a different social engineering scenario”
The ClickFix attack has been used by criminals to bypass antivirus software, with new malware variants observed targeting macOS, Android, and iOS users. Any new social engineering attack is dangerous as users won’t be wise to the method – so be sure to be wary of any unexpected pop-ups and close any windows you don’t trust.
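The lure described above tells the user that the text to paste is a file path. The following added example, which is not from the article or from the researcher, checks whether a string really is nothing more than a local document path and flags everything else. The allow-list rules, the extension list and the sample strings are assumptions constructed for illustration.

```python
import re

# Assumption: a genuine "here is your file" path is a local drive-letter path.
_DRIVE_ROOT = re.compile(r'^[A-Za-z]:\\')
# Characters Windows forbids inside a file or folder name.
_FORBIDDEN = set('<>:"/|?*')
# Extensions that run something when opened (illustrative list, not exhaustive).
_LAUNCHABLE = re.compile(
    r'\.(exe|com|scr|bat|cmd|ps1|vbs|js|hta|lnk|msi)(?=$|[\s\\])', re.IGNORECASE)
MAX_PATH = 260  # classic Windows path length limit


def classify_pasted_text(text):
    """Return (verdict, reason); verdict is 'plain-path' or 'suspicious'."""
    s = text.strip()
    if any(ord(ch) < 32 for ch in s):
        return 'suspicious', 'contains control characters or line breaks'
    if len(s) > MAX_PATH:
        return 'suspicious', 'longer than a normal path'
    if not _DRIVE_ROOT.match(s):
        return 'suspicious', 'does not start with a drive root such as C:\\'
    components = s[3:].split('\\')
    if components and components[-1] == '':
        components.pop()  # a single trailing backslash is fine
    for name in components:
        if name == '' or any(ch in _FORBIDDEN for ch in name):
            return 'suspicious', 'not a well-formed file or folder name'
    if _LAUNCHABLE.search(s):
        return 'suspicious', 'refers to a program or script, not a document'
    return 'plain-path', 'well-formed local path to a non-executable item'


# Constructed sample strings (not taken from any real campaign).
SAMPLES = [
    r'C:\Users\alice\Documents\Q2 report.docx',
    r'C:\Users\alice\Downloads\data.json',
    'cmd /c echo constructed-sample',
    r'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command Get-Date',
]

if __name__ == '__main__':
    for sample in SAMPLES:
        verdict, reason = classify_pasted_text(sample)
        print(f'{verdict:11} {reason:50} {sample}')
```

A check like this fits in awareness tooling or a clipboard monitor: anything that is not a plain document path should never be pasted into the File Explorer address bar.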

Via BleepingComputer

Ellen Jennings-Trace

Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.
