ESET Threat Report Reveals Surge in ClickFix Malware Attacks

In its latest Threat Report released on June 30, 2025, ESET, a global leader in digital security, identified a dramatic increase in the use of the ClickFix malware, which has surged by over 500% in the first half of 2025 compared to the latter half of 2024. This alarming trend highlights the escalating threat landscape in cybersecurity, with ClickFix accounting for nearly 8% of all blocked attacks, ranking it as the second most prevalent attack method after phishing. The report provides a detailed analysis of the evolving tactics used by cybercriminals, the impacts of ransomware, and the rise of sophisticated mobile threats.

According to Jiří Kropáč, Director of Threat Prevention Labs at ESET, "ClickFix attacks are particularly insidious, displaying fake error messages that trick victims into executing malicious commands on their devices," affecting major operating systems including Windows, Linux, and macOS. The report indicates that these attacks lead to various types of malware, including infostealers and ransomware, significantly complicating the cybersecurity landscape.

The study also sheds light on the infostealer ecosystem, revealing that SnakeStealer has overtaken Agent Tesla as the most detected infostealer. SnakeStealer's capabilities extend to logging keystrokes and stealing saved credentials, which heightens concerns for personal and organizational data security.

In terms of ransomware, the report notes that while the number of attacks and active gangs has increased, ransom payments have declined, suggesting a shift in the dynamics of the ransomware economy. ESET's analysis indicates that this decrease may result from law enforcement actions against these gangs and a growing public skepticism regarding their reliability in fulfilling ransom agreements.

Moreover, the report highlights a staggering 160% increase in adware detections on Android devices, driven by a new malware variant named Kaleidoscope. This malware employs a deceptive "evil twin" strategy to distribute malicious applications that disrupt device performance and bombard users with intrusive advertisements. NFC-based fraud also saw a significant rise, increasing more than thirty-five-fold, as attackers exploit near-field communication technology to execute fraudulent transactions.

As the landscape of cyber threats continues to evolve, ESET emphasizes the importance of proactive defense strategies, combining advanced technology with human expertise to combat emerging threats effectively. The findings of this report not only illustrate the current challenges faced by cybersecurity professionals but also serve as a call to action for individuals and organizations to enhance their security measures.

For further details, the complete ESET Threat Report H1 2025 is available on WeLiveSecurity.com. ESET continues to lead the way in providing innovative cybersecurity solutions designed to safeguard businesses and individuals from an increasingly complex array of threats.