Hackers have taken control of thousands of websites by tricking owners into downloading malware hidden inside fake software updates. The attacks use two methods called ClickFix and FakeUpdate, which look like real notifications telling website administrators they need to install urgent patches. Once the malware is downloaded, attackers gain access to the entire website and everything stored on it.
These attacks work because website owners trust update notifications. When someone sees a pop-up saying their software needs updating, they usually click yes without thinking twice. The criminals behind these attacks create fake notification messages that look identical to the real thing. They wait for website owners to lower their guard before striking.
Small business owners and website administrators are hit hardest by these attacks. A hacker who takes over a website can steal customer information, install ransomware that locks the owner out of their own site, or use the compromised site to attack other computers. Some website owners have lost months of work and paid thousands of dollars to regain control. Regular people visiting these websites might also download the malware by accident.
Website security experts at Bleeping Computer say owners should never download updates from pop-up notifications. Instead, they should go directly to the software maker's official website to check for updates. Many website platforms now send official security alerts through email or a control panel instead of pop-ups. Companies like WordPress and hosting providers are warning administrators to be extra careful about what they download over the next few weeks.