Live Threat Surface

ClickGrab Threat Intelligence, rebuilt for speed and clarity

Daily telemetry from ClickFix and FakeCAPTCHA campaigns, correlated into one view so teams can spot the chain: social lure, clipboard abuse, and execution behavior.

Pressure Trend • Threat pressure is climbing versus yesterday.

URLs Analyzed 100

Threats Detected 43

Detection Rate 43.0%

Indicators / Threat 661.0

Pressure Score 100/100

View Latest Report Try Live Analyzer Browse Techniques Download JSON

Correlation Snapshot

How attacker behavior clusters inside suspicious pages from the latest run.

Lure -> Execution Correlation

8 sites (18.6%)

Suspicious sites that combine social lures and execution indicators.

Clipboard -> Execution Correlation

9 sites (20.9%)

Sites where clipboard abuse appears alongside command execution behavior.

Redirect -> Obfuscation Correlation

18 sites (41.9%)

Sites blending redirect staging with encoded or obfuscated script content.

Full Chain (Lure + Clipboard + Execution)

8 sites (18.6%)

Potential end-to-end social engineering chains in a single page sample.

Indicator Signal Mix

Top extracted signals ranked by volume and normalized per suspicious site.

IP Indicators

973 total | 22.6/site

Steganography Hints

756 total | 17.6/site

Suspicious Keywords

530 total | 12.3/site

Redirect Activity

110 total | 2.6/site

Clipboard Activity

103 total | 2.4/site

CAPTCHA Bait Elements

58 total | 1.3/site

Recent Threat Activity

Detection pressure over the latest report windows.

May 20, 2026

43 threats 43.0% hit rate

May 19, 2026

41 threats 41.0% hit rate

May 18, 2026

40 threats 40.0% hit rate

May 17, 2026

42 threats 42.0% hit rate

May 16, 2026

44 threats 44.0% hit rate

May 20, 2026

Daily Threat Report

43 Threats

100 Sites

43.0% Detection

Open Report →

May 19, 2026

Daily Threat Report

41 Threats

100 Sites

41.0% Detection

Open Report →

May 18, 2026

Daily Threat Report

40 Threats

100 Sites

40.0% Detection

Open Report →

May 17, 2026

Daily Threat Report

42 Threats

100 Sites

42.0% Detection

Open Report →

View Full Archive

What ClickGrab Correlates

The engine links lure behavior, execution tradecraft, and infrastructure movement in one workflow.

PowerShell + Clipboard Chain

Highlights runbook-style attack flow when copied commands connect directly to execution artifacts.

Fake CAPTCHA and Lure Tracking

Flags fake verification patterns, social prompts, and lure themes that map to active campaigns.

Redirect Infrastructure Mapping

Captures redirect chains and handoff points to expose staging and command delivery paths.

Obfuscation Pressure Scoring

Measures base64 and script concealment density to prioritize pages that demand deeper triage.

IOC Extraction at Scale

Surfaces URLs, IPs, command strings, and keywords in structured output for analyst workflows.

Daily Trend Visibility

Shows detection-rate movement so teams can spot campaign acceleration before it peaks.

See the chain, not just isolated indicators

ClickGrab now emphasizes the relationship between lures, clipboard abuse, and execution behavior so defenders can triage faster and act with context.

Read Threat Analysis View on GitHub