Bithumb Warns Users About "ClickFix Phishing" and "InfoStealer Malware"

On April 9, Bithumb provided users with prevention guidelines regarding a new phishing technique called "ClickFix" and an information-stealing malware known as "InfoStealer."

View original image

This announcement is part of a monthly security campaign that will be conducted regularly starting this month to strengthen user protection. ClickFix refers to a phishing method that deceives users by displaying error pop-ups or security alert screens, thereby prompting them to copy and paste commands themselves.

While traditional phishing attempts typically lure users into clicking malicious links or downloading files, ClickFix is even more deceptive because it manipulates users into executing commands themselves. In this process, the installed InfoStealer malware can collect and leak various sensitive information, including account passwords, browser-stored data, virtual asset wallet data, session tokens, and cookies. Since it is difficult to detect an infection, users need to exercise heightened caution.

Bithumb urged users to always be suspicious of any instructions to "copy and execute a command." The company emphasized that legitimate websites or services do not ask ordinary users to run commands, and that it is safest to avoid opening links or attachments from unclear sources. In addition, users should carefully check whether the sender’s email address matches the official domain, and confirm that any links in emails or text messages correspond exactly to the legitimate website address before using them. For financial business, users should access services by manually entering the official app or website address instead of using links.

If a user has already executed a command or suspects an infection, they should disconnect from networks such as Wi-Fi and wired LAN, and use a secure device to take account protection measures. These include changing the Bithumb account password, resetting two-factor authentication, deleting API keys, and checking recent login and withdrawal history. If necessary, users should also perform a thorough antivirus scan and update their operating system and major software to the latest versions.

To protect users’ assets, Bithumb offers the "AhnLab Safe Transaction" security program. By enabling this program, users can benefit from features such as keyboard input protection, phishing and pharming prevention, and memory hacking protection. Additional security features are also available, including two-channel authentication and blocking of overseas IP access.

A Bithumb representative stated, "Phishing attacks are becoming increasingly sophisticated, but by double-checking and adopting a cautious approach, users can prevent much of the damage," adding, "Bithumb will continue to strengthen security features and prevention guidance to protect user assets."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.