StopFix is a browser extension designed to detect and report clipboard-based attacks such as FileFix, ClickFix, and similar malicious payloads. It works on any web page—including iframes—and alerts the user when suspicious content is copied to the clipboard. Users can review the content and choose to either ignore it or safely clear the clipboard.
- Detects suspicious clipboard activity triggered by web pages or iframes.
- Identifies PowerShell, mshta, msiexec, rundll32, regsvr32 and other common attack vectors in Windows Systems.
- Identifies Bash, curl and other common attachs vectors in Apple Systems.
- User-friendly modal warning with options to ignore or clear the clipboard.
- Site-agnostic: works across all domains without requiring page-specific integration.
- Clone or download this repository.
- Open Chrome and navigate to
chrome://extensions/. - Enable Developer mode in the top right corner.
- Click Load unpacked and select the folder of this project.
- When a web page or iframe attempts to copy suspicious content to the clipboard, a modal will appear.
- Review the copied content in the modal.
- Choose Ignore to keep the clipboard intact, or Clear to remove the suspicious content.
Contributions are welcome! Please fork the repository and submit a pull request.
MIT License