Bithumb said on April 9 that it has provided users with preventive guidelines against ClickFix, a newly spreading phishing method, and against information-stealing (infostealer) malware.
ClickFix is a phishing method that deceives users with fake error pop-ups or security guidance screens and induces them to copy and paste commands themselves. Where earlier phishing lured users into clicking malicious links or downloading files, ClickFix is more sophisticated in that it gets users to run the commands themselves.
The infostealer malware installed in this process can collect a range of sensitive information, including account passwords, browser-stored information, virtual asset wallet data, session tokens and cookies, and send it to an outside party.
Bithumb urged users to always be suspicious of instructions to "copy and run commands". It stressed that legitimate websites and services do not require ordinary users to run commands, and that it is safer not to open links or attachments from unclear sources.
It also explained that users should carefully check whether an email sender address matches the official domain, and should use links included in emails and text messages only after confirming that the link address matches the legitimate site address.
It said users should not reach financial services through links and should instead use official apps or enter the website address directly.
If users have already run commands or suspect an infection, they should disconnect network connections such as Wi-Fi and wired LAN, and use a separate device confirmed to be safe to take account-protection steps. These include changing passwords, resetting two-step verification, deleting API keys, and checking recent login and withdrawal histories.
If necessary, users should run an in-depth antivirus scan and update the operating system and major software to the latest versions.
A Bithumb official said, "A significant amount of damage from phishing attacks can be prevented just by having the habit of double-checking and being suspicious." The official added, "Bithumb will continue to strengthen security functions and preventive guidance to protect users' assets."