Cybercriminals have combined ClickFix attacks with PySoxy, a 10-year-old open-source Python SOCKS5 proxy, to maintain persistence on victims’ machines without malware, even after attempts at removal.
The campaign has been detailed by cybersecurity researchers at ReliaQuest, who warned that it shows that ClickFix attacks are moving beyond one-time user execution into modular post-exploitation, making the attacks harder to identify and contain.
ClickFix is a social engineering tactic that tricks users into unwittingly running malicious commands or downloading harmful payloads onto their own machines. It has become a widely deployed method of distributing malware or stealing login credentials.
ReliaQuest said in a 12 May blog that the ClickFix attack they investigated stood out because blocking the initial access the attackers acquired with ClickFix didn’t necessarily stop the intrusion. Instead, the proxy tool featured a local persistence mechanism which allowed the activity to keep restarting through a scheduled task.
Deliberate Preparation for Continued Access
The attackers were careful about the introduction of PySoxy, which was not launched immediately following the initial ClickFix compromise.
Instead, the intruder took time to gather information about the environment, identify potential follow-on targets, and confirm that the host could communicate with attacker-controlled staging infrastructure. Only then was PySoxy introduced as part of the attack.
“That sequence matters because it shows deliberate preparation for continued access, not just one-off reconnaissance,” said Ivan Righi, senior cyber threat intelligence officer analyst at ReliaQuest.
It was only after the proxy had successfully established a connection to the control server operated by the attackers that the final payload was introduced.
Researchers observed attackers attempting this via PowerShell and Python scripts, while they also tried to simply drop a Remote Access Trojan (RAT).
Both channels were blocked by endpoint controls, but the persistence mechanism still mattered because it allowed repeated re-execution attempts.
“For response teams, this means that ClickFix incidents that include persistence and secondary tooling should be treated as active compromise investigations, with host isolation, full artifact review, and validation that all access paths and staged components have been removed,” said Righi.
To counter similar ClickFix attacks which might have bypassed detection, ReliaQuest recommended that security teams review scheduled tasks, analyze Python artifacts, and hunt for proxy-style Python command lines rather than treating a blocked C2 connection as containment.
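The hunting guidance above (review scheduled tasks and look for proxy-style Python command lines rather than stopping at a blocked C2 connection) can be turned into a simple triage script. The following is an added example written for this article, not code from ReliaQuest or from the PySoxy project; it assumes a scheduled-task export reduced to (task name, run-as user, command line) tuples, and the sample records and the scoring heuristics (proxy-like tokens, listener/port arguments, interpreter or script under a user-writable path) are constructed assumptions rather than indicators from the incident.

```python
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed sample records (task name, run-as user, command line), in the shape a
# scheduled-task review might export them. Invented for this example; they are not
# indicators from the incident described above.
SAMPLE_TASKS: List[Tuple[str, str, str]] = [
    (r"\Microsoft\Windows\Defrag\ScheduledDefrag", "SYSTEM",
     r"%windir%\system32\defrag.exe -c -h -o -$"),
    (r"\Build\NightlyTests", "svc_build",
     r"C:\Python311\python.exe -m pytest C:\src\app\tests"),
    (r"\Updater\PyUpdate", r"DESKTOP-01\jdoe",
     r"C:\Users\jdoe\AppData\Local\py\python.exe C:\Users\jdoe\AppData\Roaming\svc\pysoxy.py -p 1080"),
    (r"\Maint\Relay", r"DESKTOP-02\asmith",
     r"C:\ProgramData\tools\pythonw.exe C:\ProgramData\tools\relay.py --listen 0.0.0.0 --port 9050"),
    (r"\Data\ExportReport", r"DESKTOP-03\bwong",
     r"C:\Python311\python.exe C:\Users\bwong\Documents\export_report.py --out report.csv"),
]

# A Python interpreter anywhere in the command line (python, pythonw, python3.x, with or without .exe).
INTERPRETER_RE = re.compile(r"(?i)(?:^|[\\/\s\"'])python(?:w)?(?:3(?:\.\d+)?)?(?:\.exe)?(?=[\s\"']|$)")
# Tokens that suggest proxy/tunnelling tooling in the script name or arguments (assumed heuristic).
PROXY_WORD_RE = re.compile(r"(?i)\b\w*(socks|sox|proxy|relay|tunnel)\w*\b")
# Arguments that configure a listener or port, or bind to all interfaces (assumed heuristic).
LISTEN_RE = re.compile(r"(?i)(?:--?(?:listen|bind|port|p)\b\s*[=:]?\s*\S+|\b0\.0\.0\.0\b)")
# Interpreter or script living under a user-writable location (assumed heuristic).
USER_WRITABLE_RE = re.compile(r"(?i)\\(?:AppData|Temp|ProgramData|Users\\Public)\\")


@dataclass
class Finding:
    task: str
    user: str
    command: str
    reasons: List[str] = field(default_factory=list)


def assess_command(command: str) -> List[str]:
    """Return the reasons a command line looks like a proxy-style Python launch.

    Non-Python command lines return an empty list immediately; Python command lines
    collect one reason per heuristic that fires.
    """
    if not INTERPRETER_RE.search(command):
        return []
    reasons: List[str] = []
    m = PROXY_WORD_RE.search(command)
    if m:
        reasons.append(f"proxy-like token '{m.group(0)}'")
    m = LISTEN_RE.search(command)
    if m:
        reasons.append(f"listener/port argument '{m.group(0).strip()}'")
    if USER_WRITABLE_RE.search(command):
        reasons.append("interpreter or script under a user-writable path")
    return reasons


def hunt_scheduled_tasks(tasks: List[Tuple[str, str, str]], min_hits: int = 2) -> List[Finding]:
    """Flag tasks whose command line triggers at least `min_hits` heuristics.

    Requiring two independent signals keeps ordinary developer tasks (test runners,
    report scripts) out of the result set while still catching a user-writable
    interpreter launching a script with proxy-style naming or listener arguments.
    """
    findings: List[Finding] = []
    for name, user, command in tasks:
        reasons = assess_command(command)
        if len(reasons) >= min_hits:
            findings.append(Finding(name, user, command, reasons))
    return findings


if __name__ == "__main__":
    for finding in hunt_scheduled_tasks(SAMPLE_TASKS):
        print(f"[REVIEW] {finding.task} (runs as {finding.user})")
        print(f"         {finding.command}")
        for reason in finding.reasons:
            print(f"         - {reason}")
```

On the constructed sample the script flags the two tasks that combine a proxy-like script name with a listener argument and a user-writable path, and leaves the defrag, pytest and reporting tasks alone. Each flagged task is a lead for the full artifact review the article calls for (the Python scripts on disk, the task's creation time and creator, and the network destinations the proxy was configured to reach), not a verdict in itself.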
Earlier this month, the Australian Cyber Security Centre (ACSC) issued a warning over a widespread campaign using ClickFix in an attempt to distribute malware to infrastructure providers and other organizations.
