‘ClickFix’ hackers pose as VCs, hijack QuickLens in latest crypto attacks

CoinTelegraph

by Stephen Katte

March 3, 2026

AI-Generated Deep Dive Summary

Crypto hackers are leveraging a sophisticated technique called ClickFix to steal cryptocurrencies through two new methods: impersonating venture capital (VC) firms on professional networks and hijacking browser extensions. According to a recent report by cybersecurity firm Moonlock Lab, scammers are creating fake VC profiles—such as SolidBit, MegaBit, and Lumax Capital—and connecting with potential targets via LinkedIn. These fraudulent VCs offer partnership opportunities, luring victims into clicking on malicious links that appear to be for Zoom or Google Meet video calls. When users click these links, they’re redirected to a page featuring a fake Cloudflare “I’m not a robot” checkbox. This deceptive measure tricks the victim into copying a harmful command to their clipboard and pasting it into their computer’s terminal. The command then executes an attack, enabling the hackers to gain control over the user’s device or steal sensitive information. The ClickFix technique has been traced back to 2024 and has since evolved, with attackers targeting various industries. This latest iteration is particularly concerning due to its ability to exploit trust in legitimate VC firms and browser extensions, making it harder for victims to recognize the threat. Such attacks highlight the growing sophistication of cybercriminals in the crypto space, emphasizing the need for heightened vigilance among users and organizations. For crypto enthusiasts and professionals, understanding these threats is critical to safeguarding their assets and maintaining security in a rapidly evolving digital landscape. This underscores the importance of verifying all communications, avoiding suspicious links, and keeping software updated to protect against such attacks.

Verticals

cryptoblockchain

Originally published on CoinTelegraph on 3/3/2026