Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Published: 3 days ago (February 15, 2026 at 09:10 AM EST)

1 min read

Source: The Hacker News

Microsoft discloses DNS‑based ClickFix variant

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next‑stage payload. Specifically, the attack relies on using the nslookup (short for nameserver lookup) command to execute a custom DNS lookup triggered via the Windows.

Back to Blog

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

markdown !Cryptocurrency illustrationhttps://www.bleepstatic.com/content/hl-images/2024/12/05/Cryptocurrency.jpg New ClickFix‑style Attack Targeting Cryptocurre...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

!https://www.bleepstatic.com/content/hl-images/2024/05/07/hacker-box.jpg Threat actors are now abusing DNS queries as part of ClickFix social‑engineering attack...

Data breach at fintech firm Figure affects nearly 1 million accounts

!https://www.bleepstatic.com/content/hl-images/2026/02/18/Figure_headpic.jpg Hackers have stolen the personal and contact information of nearly 1 million accoun...

Multiple brands of Android tablets shipped with built-in malware (Updated: Google statement)

!https://www.androidauthority.com/wp-content/uploads/2025/11/android-malware.jpg TL;DR - Researchers found a firmware‑level Android backdoor called Keenadu prei...

Microsoft discloses DNS‑based ClickFix variant

Related posts

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Data breach at fintech firm Figure affects nearly 1 million accounts

Multiple brands of Android tablets shipped with built-in malware (Updated: Google statement)