India, March 6 -- A recent malware campaign is using a trusted Windows application to launch attacks for stealing credentials via social engineering with the exploitation of the Windows Terminal with the use of Lumma Stealer malware by the attackers, as per researchers from the Microsoft Security team.

This represents a change of tactics for the ClickFix attack group from exploiting technical vulnerabilities to using social engineering to trick users into executing the malicious commands themselves. It is this crowbar alignment and incident in user behavior that makes it far more difficult to identify the attack using standard security controls.

The whole thing kicks off with some pretty standard online traps. People get sent to fake CA...