breach🌐InternationalBleepingComputer
New ErrTraffic Service Automates ClickFix Attacks with Fake Glitches
Tuesday, December 30, 2025
What
ErrTraffic is a new cybercrime platform that automates ClickFix social engineering attacks by creating fake visual glitches on compromised websites. This sophisticated tool matters because it significantly lowers the barrier for threat actors to deploy targeted malware, bypassing standard security controls with high reported success rates.
Where
Compromised websites globally, targeting users across Windows, macOS, Android, and Linux systems. CIS countries are explicitly excluded.
When
Disclosed December 30, 2025, after being promoted on hacking forums earlier that month.
Key Factors
- •ErrTraffic functions as a self-hosted Traffic Distribution System (TDS), sold for $800, enabling threat actors to easily configure and deploy sophisticated ClickFix campaigns.
- •The platform employs geolocation and OS fingerprinting to deliver tailored visual glitches and specific payloads, including Lumma, Vidar, Cerberus, and AMOS, for maximum impact.
- •Its automated DOM manipulation creates believable 'broken' website scenarios, tricking users into executing malicious PowerShell commands or installing malware under the guise of a fix.
Takeaways
- →Users should be highly skeptical of unexpected browser glitches or prompts to download updates/fonts from unfamiliar sources, verifying legitimacy before acting.
- →Organizations must implement robust website security, including regular integrity checks and strong content security policies, to prevent malicious script injection and DOM manipulation.
Read Full Article
Opens original article on BleepingComputer
