JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

A new cybersecurity campaign called JackFix is using fake adult websites that clone legitimate sites like xHamster and PornHub to distribute malware. The campaign leverages ClickFix lures and displays fake Windows security update pop-ups to trick users into running malicious commands. The attack is likely distributed through malvertising and targets users visiting adult content sites. Once users interact with the fake update prompts, multiple stealer malware variants are deployed on their systems. This represents an active threat using social engineering tactics combined with compromised or fake websites.