Matrix Push Attacks Target Netflix and PayPal Users in New Wave of Browser-Based Phishing
Cybersecurity researchers are warning Netflix and PayPal users to be on high alert as a new attack platform, dubbed Matrix Push C2, uses disguised browser notifications to steal account credentials. The warning comes after a week of sophisticated cyber threats emerging across multiple platforms, signalling an escalation in tactics used by cybercriminals heading into the new year.
Matrix Push C2, identified in a report by BlackFog security, operates by hijacking web browser functionality and turning it into a delivery system for malware and phishing lures. The platform relies on social engineering to trick users into accepting browser push notifications from malicious or compromised websites. Once the user agrees, attackers can send fake alerts that appear identical to legitimate system or service notifications from brands including Netflix, PayPal, MetaMask, Cloudflare and TikTok.
These counterfeit alerts appear in the genuine notification panel on phones and computers, giving them a high degree of credibility and increasing the likelihood that users will click through to phishing pages designed to harvest their login details.
BlackFog’s analysis revealed a range of prebuilt templates used by attackers to impersonate high-profile services, allowing them to craft convincing warnings about account issues, payments, security checks or subscription problems. Clicking the embedded links sends victims to credential-stealing pages or malware downloads.
The emergence of Matrix Push C2 comes alongside other troubling developments in the cybersecurity landscape. This week alone, analysts flagged a new Android banking trojan capable of bypassing encryption by capturing text from on-screen instant message conversations, as well as sophisticated clipboard-hijacking attacks targeting businesses. All three trends highlight the rapid evolution of phishing and malware-delivery tactics.
Researchers warn that phishing is not declining and that all operating systems remain vulnerable to increasingly complex attack methods. Browser notifications, once considered a convenience feature, have now become a potent attack vector.
Users are advised to avoid enabling browser notifications from unfamiliar websites, ignore unsolicited system-style alerts and verify any account-related messages by visiting services directly rather than clicking links. Netflix and PayPal both provide official guidance on how to spot and report phishing attempts.
With cybercriminals continuing to adapt their tools, security experts emphasise that vigilance remains essential, especially during a season when online activity and digital payments sharply increase.
Photo Credit: DepositPhotos.com