These fake Chrome extensions will crash your browser so that hackers can sneak in - here's how to stay safe

• New ClickFix variant uses fake NexShield ad blocker to spread malware
• Attack crashes browsers, then tricks users into installing ModeloRAT via command prompt
• KongTuke targets enterprises; individuals may face future risks

ClickFix attacks are evolving and now create an actual problem to fix, rather than trying to trick the victim into believing there is one, experts have warned.

Usually, ClickFix would either be a pop-up on a page, or a fake .docx or .pdf document. The victims would be told they cannot view the contents of a web page, or open the documents, until they “fixed” an issue by copying and pasting a command into the Windows Run program.

Obviously, there never was a problem, and all they did was run a command that installed malware - until now.