{"id":6907,"date":"2025-11-30T16:02:13","date_gmt":"2025-11-30T15:02:13","guid":{"rendered":"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/"},"modified":"2025-11-30T16:02:13","modified_gmt":"2025-11-30T15:02:13","slug":"lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice","status":"publish","type":"post","link":"https:\/\/viva.racunalniske-novice.com\/hr\/lazno-azuriranje-sustava-windows-krade-lozinke-i-kripto-novcanike\/","title":{"rendered":"La\u017eno a\u017euriranje sustava Windows krade lozinke i kripto nov\u010danike"},"content":{"rendered":"<p class=\"wp-block-paragraph\">Kiberneti\u010dki kriminalci a\u017eurirali su zloglasni zlonamjerni softver ClickFix koji se sada pretvara da je legitimno a\u017euriranje sustava Windows, varaju\u0107i korisnike da zalijepe zlonamjerni kod u prozor Run. Ono \u0161to ovaj napad \u010dini posebno pametnim jest to \u0161to koristi pikselne podatke iz PNG datoteke za pokretanje zlonamjernog koda koji krade korisni\u010dka imena, lozinke, kripto nov\u010danike, bankovne podatke i druge osjetljive podatke.<br><br>Istra\u017eiva\u010di u Huntressu nedavno su otkrili novu varijantu ClickFixa. Prikazuje la\u017eni prozor preglednika preko cijelog zaslona koji opona\u0161a a\u017euriranje sustava Windows, s trakom napretka zaglavljenom na 95 posto za navodno &quot;kriti\u010dno sigurnosno a\u017euriranje&quot;. Zlonamjerni softver naj\u010de\u0161\u0107e se nalazi na la\u017enim web stranicama za odrasle koje opona\u0161aju popularne portale, \u010desto u obliku oglasa ili upita za provjeru dobi. Klikom na takav element pokre\u0107e se la\u017eni prozor a\u017euriranja.<br><br>Korisnici se zatim poti\u010du da pritisnu Windows + R i zalijepe zlonamjerni kod, nesvjesno daju\u0107i kiberneti\u010dkim napada\u010dima pristup s administratorskim privilegijama. Naredba pokre\u0107e program mshta (Microsoft HTML Application Host) sa zlonamjernim URL-om, koji preuzima dodatni kod iz heksadecimalnog izvora. Zatim se pokre\u0107u PowerShell skripte, zbunjuju\u0107i sigurnosne programe poput Bitdefendera i de\u0161ifriraju\u0107i PNG datoteku iz koje se izdvajaju shell naredbe koje se ubrizgavaju u ve\u0107 pokrenute procese.<br><br>Iako se PNG \u010dini bezopasnim, njegovi pikseli sadr\u017ee \u0161ifrirani zlonamjerni kod. Nakon de\u0161ifriranja, aktiviraju se kradljivci informacija poput Rhadamanthys ili LummaC2, prikupljaju\u0107i lozinke, vjerodajnice i podatke o kripto nov\u010daniku te ih \u0161alju\u0107i na strane poslu\u017eitelje.<br><br>Huntress izvje\u0161tava da se ova varijanta \u0161iri od po\u010detka listopada, a mnoge domene i dalje hostiraju la\u017eni prozor za a\u017euriranje. Hakeri dodatno prikrivaju kod nasumi\u010dnim retcima ili \u010dak \u010dudnim citatima, uklju\u010duju\u0107i i one s UN-ovog sastanka o razoru\u017eanju.<br><br>ClickFix je jedan od najsofisticiranijih oblika zlonamjernog softvera za kra\u0111u podataka ikad. Stru\u010dnjaci savjetuju korisnicima da provjeravaju URL-ove domena, izbjegavaju sumnjive oglase i nikada ne unose nepoznate naredbe u svoje ure\u0111aje.<\/p>\n<div class=\"embed-container\"><iframe src=\"https:\/\/www.youtube.com\/embed\/bi9EknqFyJA\" frameborder=\"0\" allowfullscreen><\/iframe><\/div><br\/>","protected":false},"excerpt":{"rendered":"<p>Kibernetski kriminalci so posodobili zloglasni zlonamerni program ClickFix, ki se zdaj pretvarja, da je legitimna posodobitev sistema Windows. S tem uporabnike prelisi\u010dijo, da v okno \u00bbZa\u017eeni\u00ab prilepijo zlonamerno kodo. Posebna premetenost tega napada je v tem, da uporablja podatke slikovnih pik iz datoteke PNG za spro\u017eitev zlonamerne kode, ki kradejo uporabni\u0161ka imena, gesla, kripto denarnice, [&hellip;]<\/p>","protected":false},"author":2,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[68],"tags":[136],"class_list":["post-6907","post","type-post","status-publish","format-standard","hentry","category-operacijski-sistemi","tag-windows-operacijski-sistem"],"acf":{"subtitle":"Nova razli\u010dica zlonamernega programa ClickFix se predstavlja kot legitimna posodobitev sistema Windows. S pomo\u010djo skrite kode v PNG datotekah napadalci kradejo gesla, kripto denarnice in druge ob\u010dutljive podatke. Raziskovalci opozarjajo na nevarnost la\u017enih spletnih strani in pozivajo k ve\u010dji previdnosti.","heading":"","summary":"Nova razli\u010dica zlonamernega programa ClickFix se predstavlja kot legitimna posodobitev sistema Windows. S pomo\u010djo skrite kode v PNG datotekah napadalci kradejo gesla, kripto denarnice in druge ob\u010dutljive podatke. Raziskovalci opozarjajo na nevarnost la\u017enih spletnih strani in pozivajo k ve\u010dji previdn","thumbnail_small":"https:\/\/racunalniske-novice.com\/wp-content\/uploads\/2025\/07\/Windows-11-finally-overtakes-Windows-10-as-worlds-top-desktop-OS-560x315.jpg","thumbnail_large":"https:\/\/racunalniske-novice.com\/wp-content\/uploads\/2025\/07\/Windows-11-finally-overtakes-Windows-10-as-worlds-top-desktop-OS.jpg","thumbnail_caption":"Foto: Lenovo","gallery":"","video_gallery":[{"youtube_url":"https:\/\/www.youtube.com\/watch?v=bi9EknqFyJA"}],"author":"","links":[{"title":"ClickFix","url":""}],"sources":null,"skip_language":[]},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice<\/title>\n<meta name=\"description\" content=\"Nova razli\u010dica zlonamernega programa ClickFix se predstavlja kot legitimna posodobitev sistema Windows. S pomo\u010djo skrite kode v PNG datotekah napadalci kradejo gesla, kripto denarnice in druge ob\u010dutlj\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/posts\/6907\" \/>\n<meta property=\"og:locale\" content=\"hr_HR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice\" \/>\n<meta property=\"og:description\" content=\"Kibernetski kriminalci so posodobili zloglasni zlonamerni program ClickFix, ki se zdaj pretvarja, da je legitimna posodobitev sistema Windows. S tem uporabnike prelisi\u010dijo, da v okno \u00bbZa\u017eeni\u00ab prilepijo zlonamerno kodo. Posebna premetenost tega napada je v tem, da uporablja podatke slikovnih pik iz datoteke PNG za spro\u017eitev zlonamerne kode, ki kradejo uporabni\u0161ka imena, gesla, kripto denarnice, [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/viva.racunalniske-novice.com\/hr\/lazno-azuriranje-sustava-windows-krade-lozinke-i-kripto-novcanike\/\" \/>\n<meta property=\"og:site_name\" content=\"Ra\u010dunalni\u0161ke novice\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-30T15:02:13+00:00\" \/>\n<meta name=\"author\" content=\"sinusiks\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Napisao\/la\" \/>\n\t<meta name=\"twitter:data1\" content=\"sinusiks\" \/>\n\t<meta name=\"twitter:label2\" content=\"Procijenjeno vrijeme \u010ditanja\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/\",\"url\":\"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/\",\"name\":\"La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice\",\"isPartOf\":{\"@id\":\"https:\/\/viva.racunalniske-novice.com\/en\/#website\"},\"datePublished\":\"2025-11-30T15:02:13+00:00\",\"dateModified\":\"2025-11-30T15:02:13+00:00\",\"author\":{\"@id\":\"https:\/\/viva.racunalniske-novice.com\/en\/#\/schema\/person\/afb62e36efa34516d50249517e4cdbb4\"},\"breadcrumb\":{\"@id\":\"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/#breadcrumb\"},\"inLanguage\":\"hr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/viva.racunalniske-novice.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"La\u017ena Windows posodobitev krade gesla in kripto denarnice\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/viva.racunalniske-novice.com\/en\/#website\",\"url\":\"https:\/\/viva.racunalniske-novice.com\/en\/\",\"name\":\"Ra\u010dunalni\u0161ke novice\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/viva.racunalniske-novice.com\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"hr\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/viva.racunalniske-novice.com\/en\/#\/schema\/person\/afb62e36efa34516d50249517e4cdbb4\",\"name\":\"sinusiks\",\"sameAs\":[\"https:\/\/ml.racunalniske-novice.com\"],\"url\":\"https:\/\/viva.racunalniske-novice.com\/hr\/author\/sinusiks\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice","description":"Nova razli\u010dica zlonamernega programa ClickFix se predstavlja kot legitimna posodobitev sistema Windows. S pomo\u010djo skrite kode v PNG datotekah napadalci kradejo gesla, kripto denarnice in druge ob\u010dutlj","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/posts\/6907","og_locale":"hr_HR","og_type":"article","og_title":"La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice","og_description":"Kibernetski kriminalci so posodobili zloglasni zlonamerni program ClickFix, ki se zdaj pretvarja, da je legitimna posodobitev sistema Windows. S tem uporabnike prelisi\u010dijo, da v okno \u00bbZa\u017eeni\u00ab prilepijo zlonamerno kodo. Posebna premetenost tega napada je v tem, da uporablja podatke slikovnih pik iz datoteke PNG za spro\u017eitev zlonamerne kode, ki kradejo uporabni\u0161ka imena, gesla, kripto denarnice, [&hellip;]","og_url":"https:\/\/viva.racunalniske-novice.com\/hr\/lazno-azuriranje-sustava-windows-krade-lozinke-i-kripto-novcanike\/","og_site_name":"Ra\u010dunalni\u0161ke novice","article_published_time":"2025-11-30T15:02:13+00:00","author":"sinusiks","twitter_card":"summary_large_image","twitter_misc":{"Napisao\/la":"sinusiks","Procijenjeno vrijeme \u010ditanja":"2 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/","url":"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/","name":"La\u017ena Windows posodobitev krade gesla in kripto denarnice - Ra\u010dunalni\u0161ke novice","isPartOf":{"@id":"https:\/\/viva.racunalniske-novice.com\/en\/#website"},"datePublished":"2025-11-30T15:02:13+00:00","dateModified":"2025-11-30T15:02:13+00:00","author":{"@id":"https:\/\/viva.racunalniske-novice.com\/en\/#\/schema\/person\/afb62e36efa34516d50249517e4cdbb4"},"breadcrumb":{"@id":"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/#breadcrumb"},"inLanguage":"hr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/viva.racunalniske-novice.com\/lazna-windows-posodobitev-krade-gesla-in-kripto-denarnice\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/viva.racunalniske-novice.com\/en\/"},{"@type":"ListItem","position":2,"name":"La\u017ena Windows posodobitev krade gesla in kripto denarnice"}]},{"@type":"WebSite","@id":"https:\/\/viva.racunalniske-novice.com\/en\/#website","url":"https:\/\/viva.racunalniske-novice.com\/en\/","name":"Ra\u010dunalni\u0161ke novice","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/viva.racunalniske-novice.com\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"hr"},{"@type":"Person","@id":"https:\/\/viva.racunalniske-novice.com\/en\/#\/schema\/person\/afb62e36efa34516d50249517e4cdbb4","name":"sinusiks","sameAs":["https:\/\/ml.racunalniske-novice.com"],"url":"https:\/\/viva.racunalniske-novice.com\/hr\/author\/sinusiks\/"}]}},"_links":{"self":[{"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/posts\/6907","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/comments?post=6907"}],"version-history":[{"count":0,"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/posts\/6907\/revisions"}],"wp:attachment":[{"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/media?parent=6907"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/categories?post=6907"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/viva.racunalniske-novice.com\/hr\/wp-json\/wp\/v2\/tags?post=6907"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}