ClickFix JavaScript Attack Targets Cryptocurrency Users via Pastebin

ClickFix JavaScript Attack Targets Cryptocurrency Users via Pastebin

First seen 15 Feb 2026, 19:07 UTC BleepingcomputerForklog 92% similarity 22.3

Article Content

Browse articles
ThreatCluster

Threat actors are exploiting Pastebin to launch a ClickFix-style attack that deceives cryptocurrency users into executing malicious JavaScript in their browsers. This attack hijacks Bitcoin swap transactions, redirecting funds to wallets controlled by the attackers, and relies on social engineering tactics promising high returns from a fake Swapzone.io arbitrage exploit.

ThreatCluster AI

Timeline

2026-02-15
Attack reported using Pastebin for ClickFix-style JavaScript attack

Community

Browse all →