Ghost in the Clipboard: Investigating ClickFix as an Initial Infection Routine

Johnny Westfall · 24:49 · 2025 · Track 2

incident-responseblue-teamthreat-intel

Johnny Westfall on ghost in the clipboard. A Track 2 session from Simply CyberCon 2025.

Open this segment on YouTube ↗ · jumps to 3:54:26 in the Track 2 livestream

Ghost in the Clipboard: Investigating ClickFix as an Initial Infection Routine

Johnny Westfall — MDR Analyst, Unit 42

Delivered on Track 2, Simply CyberCon 2025. Runtime ~25 minutes.

Watch this talk on YouTube (deep-link starts at 03:54:26)

How the talk opens

We have Johnny Westall... ghost in the clipboard.

Full notes and review pending. This page links straight to the speaker's segment in the Track 2 livestream so you can jump in at the right moment.