mr.d0x (@mrd0x)'s Twitter Profile
mr.d0x

@mrd0x

Security researcher | Co-founder maldevacademy.com | lots-project.com | malapi.io | filesec.io

ID: 1324968730187739136

http://mrd0x.com | 07-11-2020 06:55:46

1,1K Tweet

42,42K Followers

270 Following

GuidedHacking (@guidedhacking)

Game hackers have defined the bleeding edge of low-level security innovation for the past 10 years. Infosec will never give us the respect we deserve, but for the people who actually follow our tutorials, it has a profound impact on their lives.

Jean (@jean_maes_1994)

mr.d0x you inspired this :P there's an alternative scenario here too download a fake .crdownload file and then instruct them to open the file browser via downloads. but this one is fun too. I present to you all, DOWNLOADFIX

Gi7w0rm (@gi7w0rm)

Casually dropping a MOTW bypass while talking about an already big improvement to the #ClickFix attack. mr.d0x is on another level 🔥

IT Guy (@t3chfalcon)

New attack vector: FileFix. A phishing trick that executes PowerShell straight from your browser no Run dialog, no pop-ups. Just a fake file path + clipboard + File Explorer. Red teamers, this one’s wild. 📽️ PoC + write-up: medium.com/@t3chfalcon/fi…

mr.d0x (@mrd0x)

I can also see the search-ms URI being used to pull up File Explorer (or even asking the user nicely to hit Win+E) which won't result in the browser having the executed command run as a child process.

João Victor (@joaoviictorti)

Just released Hypnus, a Rust lib for sleep obfuscation with some nice call stack spoofing during sleep and API calls (encryption & more) 🫡 Thanks 5pider & Austin for the initial ideas! github.com/joaoviictorti/…

John Hammond (@_johnhammond)

Late to the party but another video to demo the "FileFix" trick that mr.d0x wrote about, leveraging the address bar in Windows file explorer to run a command and potential payload -- with the ClickFix playbook just instructing an end user to run malware 🙃 youtu.be/Vz2ak0YW_L4

vx-underground (@vxunderground)

I want to share my opinion on GuidedHacking When GuidedHacking acted as a sponsor for vx-underground I received small amounts of criticism for it, primarily because GuidedHacking was accused of "stealing content". I can assert with 100% confidence this is not true. It is not

Cyber Ghost (@cyberghost13337)

A new clickfix technique, FileFix, developed by mr.d0x, is being used in the wild—poorly. Website tersmoles[.]com delivers a "Legitimate Chrome Installer" using FileFix. The attacker didn’t even change the path and filename—just copy-pasted code directly from demo website

delivr.to (@delivr_to)

Threat actors have wasted no time operationalising the FileFix technique 📁⚠️ 📚Check out our latest blog on detecting and preventing FileFix: blog.delivr.to/filefixed-dete…

5pider (@c5pider)

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

The Hacker News (@thehackersnews)

🚨 A fake CAPTCHA is all it takes. Interlock ransomware is back—now pushing a stealthy PHP RAT via “FileFix,” a spin on ClickFix that hijacks File Explorer. Targets? Everyone. Tactics? Evolving fast. Here’s what they’re hiding behind Cloudflare Tunnels ↓
