Analyzing ClickFix and FakeCAPTCHA URLs

ClickGrab analyzes potential clipboard hijacking attacks from ClickFix and FakeCAPTCHA URLs.

URLs Analyzed

Malicious URLs

121

Attack Patterns

View Latest Reports Try Interactive Analyzer Download Latest JSON Data

Also available: Daily JSON report | All historical reports

Latest Findings

Report from 2025-04-27

In our most recent analysis, we examined 29 URLs tagged as ClickFix or FakeCAPTCHA on URLhaus. Found 29 malicious URLs.

PowerShell commands detected: 37

Clipboard manipulation patterns: 35

View Full Report

About The Project

ClickGrab is a tool that analyzes potentially malicious URLs tagged as "ClickFix" or "FakeCAPTCHA" on URLhaus. These attacks typically use fake CAPTCHA verification pages to trick users into copying malicious PowerShell commands to their clipboard.

Our automated nightly analysis extracts indicators of compromise (IOCs) from these URLs, documents clipboard hijacking techniques, and provides detailed reports to help security researchers understand these threats.

Try our new interactive analysis tool to examine suspicious URLs in real-time.