Bithumb Warns Users Over ClickFix Phishing, Infostealer Data Theft

Bithumb urged users to strengthen security precautions as a new phishing tactic spreads.

The South Korean crypto exchange said it had issued prevention guidelines on ClickFix phishing and infostealer malware.

ClickFix is a phishing method that disguises itself as an error message or security notice and tricks users into copying and pasting commands themselves. That makes it riskier than conventional phishing because users are induced to carry out the malicious action on their own.

The infostealer malware installed through that process can collect and send sensitive information externally, including account passwords, browser-stored data, crypto wallet data and cookies.

Bithumb said legitimate services never require users to execute commands and that any such prompt should be treated as suspicious. It also advised users not to open links or attachments from unverified sources.

The exchange recommended checking email sender addresses and link domains. It also urged users to access financial services through official apps or by typing the official website address directly.

If infection is suspected, users should disconnect from the network, change passwords, reset two-factor authentication, delete API keys, and review login and withdrawal records.

Bithumb also provides security features including AhnLab Safe Transaction, two-channel authentication and a function that blocks access from overseas IP addresses.

"Phishing methods are becoming more sophisticated, but basic checks alone can prevent a significant share of damage," a Bithumb official said. "We will continue to strengthen security guidance and features to protect users' assets."