Hackers impersonated venture capitalists and hijacked the QuickLens plugin, using ClickFix technology to steal crypto assets.

CoinFeed reported on March 3 that, according to Cointelegraph, hackers are using the "ClickFix" attack technique to steal cryptocurrency. The two latest attacks involve impersonating venture capital firms and hijacking browser extensions. Cybersecurity firm Moonlock Lab reported that scammers impersonated fake VCs such as SolidBit, MegaBit, and Lumax Capital, contacting users via LinkedIn with offers of collaborations, then directing them to click on fake Zoom and Google Meet links. After clicking the links, users were redirected to a page with a fake Cloudflare "I'm not a robot" verification box. Clicking this box copied malicious commands to the clipboard and prompted users to open their terminals and paste a purported verification code, thus executing the attack.