Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

This Netflix notification is actually a malware

The attack infrastructure leverages "lick-me" link redirects to guide victims to malicious pages.

byEmre Çıtak
November 24, 2025
in Cybersecurity, News
Home News Cybersecurity
Share on FacebookShare on TwitterShare on LinkedInShare on WhatsAppShare on e-mail
Google Preferred Source

Cybercriminals have launched Matrix Push, a new command-and-control platform that exploits web-browser notifications to phishing users of services like Netflix and PayPal, as detailed in a BlackFog Security report. This attack deceives victims into revealing credentials through disguised alerts on compromised websites.

The cybersecurity landscape this week featured multiple emerging threats. Reports emerged about Sturnus, a new Android banking trojan developed by cybercriminals. This malware bypasses encryption protocols to access secure instant-message conversations. It achieves this by reading and copying the content when messages display on the smartphone screen, allowing attackers to intercept sensitive information during active use.

Businesses received alerts regarding stealthy copy-and-paste attacks. These exploits target the clipboard function as an entry point for malicious code. Attackers insert harmful payloads into copied text, which then execute when users paste the content into applications or documents, potentially compromising systems without direct user awareness.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

Matrix Push represents the latest development in this series of deceptive tactics. BlackFog Security’s threat-warning report identifies it as a command-and-control infrastructure operated by cybercriminals. The platform delivers both malware and phishing attacks exclusively through web-browser mechanisms, avoiding traditional delivery methods like email attachments.

The operation of Matrix Push relies on several technical exploits. It leverages push browser notifications to send unsolicited alerts to users. These notifications mimic system-generated messages from the operating system or the browser itself. Attackers also employ faked system alerts that imitate official warnings. Additionally, lick-me link redirects guide users to malicious pages under the guise of legitimate interactions.

Brenda Robb, from BlackFog Security, explained the core mechanism: “Leveraging push browser notifications, faked system alerts, and lick‑me link redirects, Matrix Push turns web browsers into an attack delivery vehicle.” This transformation enables browsers to serve as vectors for ongoing attacks, embedding threats directly into user interfaces.

The phishing process initiates with social engineering techniques. Cybercriminals direct potential victims to a website, either fully malicious or a legitimate one that has been compromised without the owner’s knowledge. Users encounter prompts to accept browser notifications from this site. Granting permission activates the attack sequence, granting attackers the ability to bombard the device with deceptive messages.

Once permissions are obtained, Matrix Push dispatches tailored alerts. These appear as notifications from trusted brands, blending seamlessly with authentic device prompts. Robb detailed the scope: “We found templates for brands such as MetaMask, Netflix, Cloudflare, PayPal, TikTok, and more, each designed to look like a legitimate notification or security page from those providers.” Such impersonation heightens the deception, as the alerts integrate into the device’s standard notification area.

This placement in the genuine notification feed reduces user suspicion. Victims perceive the messages as routine updates or alerts from their subscribed services. Clicking on these prompts redirects users to phishing sites engineered to capture login credentials. The authenticity of the notification’s appearance and location significantly increases the success rate of these credential-grabbing attempts.

Users of affected services have access to specific resources for protection. Netflix provides phishing attack guidance on its help page, outlining recognition and avoidance strategies. Similarly, PayPal maintains a dedicated help page with advice on identifying and responding to phishing attempts, including verification steps for suspicious communications.

The BlackFog report underscores the persistence of browser-based threats across all operating systems. Matrix Push’s design exploits universal web functionalities, making it compatible with various devices and browsers. Cybercriminals continue to refine these platforms, incorporating templates for an expanding array of high-profile brands to broaden their reach.


Featured image credit

Tags: blackfogNetflix

Related Posts

Claude Fable 5 free access extended until July 19

Claude Fable 5 free access extended until July 19

July 13, 2026
Samsung Galaxy Z TriFold 2 launch may be delayed

Samsung Galaxy Z TriFold 2 launch may be delayed

July 13, 2026
Apple to skip M6 Pro and Max chips, fast-tracks M7 lineup for AI focus

Apple to skip M6 Pro and Max chips, fast-tracks M7 lineup for AI focus

July 13, 2026
OpenAI lifts GPT-5.6 Sol usage limits temporarily

OpenAI lifts GPT-5.6 Sol usage limits temporarily

July 13, 2026
OpenAI launches ChatGPT Work productivity app

OpenAI launches ChatGPT Work productivity app

July 10, 2026
Meta files patent for AI-powered emotional monitoring device

Meta files patent for AI-powered emotional monitoring device

July 10, 2026

LATEST NEWS

Claude Fable 5 free access extended until July 19

Samsung Galaxy Z TriFold 2 launch may be delayed

Apple to skip M6 Pro and Max chips, fast-tracks M7 lineup for AI focus

OpenAI lifts GPT-5.6 Sol usage limits temporarily

OpenAI launches ChatGPT Work productivity app

Meta files patent for AI-powered emotional monitoring device

BEST AI MODELS LEADERBOARD

See the best AI models, ranked by intelligence, benchmark results, speed and token price. Find the most suitable LLMs, Text-to-Image, Image Editing, Text-to-Speech, Text-to-Video and Image-to-Video  artificial intelligence model for your tasks and business.

LATEST TOOLS

Mootion

Legacy AI

Copyseeker

ProPhotos

Kuki AI

Create

RemodelAI

AItwitch

Vadoo AI

Greptile AI

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI tools
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies to improve your experience. You can choose to accept or reject them. Visit our Privacy Policy.