/tags/sectoprat/ Recent content in SectopRat on Saksham Anand Hugo -- gohugo.io en-us Sun, 23 Mar 2025 00:00:00 +0000 /blog/clickfix-infrastructure-discovery/ Sun, 23 Mar 2025 00:00:00 +0000 /blog/clickfix-infrastructure-discovery/ What is ClickFix? ClickFix is a social engineering technique increasingly being used by actors in the past few months. The technique relies on fooling users to run PowerShell or Terminal commands on their computers, through the use of fake error dialogue boxes. This post will look at how the domains involved in ClickFix script can be latched onto to discover additional infrastructure. The ClickFix script in this case was used to download the SectopRAT malware, you can read more about the malware itself on my friend Chris’s blog here.