New Criminal Toolkit Abuses Browser Push Notifications

KnowBe4 Team | Dec 3, 2025

A new criminal platform called “Matrix Push C2” is using browser notifications to launch social engineering attacks, according to researchers at BlackFog.

“This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” the researchers write. “It turns web browsers into an attack delivery vehicle: tricking users with fake system notifications, redirecting them to malicious sites, monitoring infected clients in real time, and even scanning for cryptocurrency wallets.”

The platform uses browser notifications to trick users into installing malware or visiting credential-harvesting sites.

“In a nutshell, Matrix Push C2 abuses the web push notification system (a legitimate browser feature) as a command-and-control (C2) channel,” BlackFog explains.

“Attackers first trick users into allowing browser notifications (often via social engineering on malicious or compromised websites), and then, once a user subscribes to the attacker’s notifications, the attacker gains a direct line to that user’s desktop or mobile device via the browser. From that point on, the attacker can push out fake error messages or security alerts at will that look frighteningly real. These messages appear as if they are from the operating system or trusted software, complete with official-sounding titles and icons.”

Since the attack happens within the browser, no malware needs to be initially installed on the system.

“It’s a fileless technique,” the researchers write. “The unsuspecting user simply sees what looks like a normal system pop-up and might follow its instructions, not realizing they’ve stepped right into the attacker’s trap.”
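Because the attack depends on a notification permission the user has already granted, a defender can review which origins hold that grant. The following is an added example, not code from BlackFog or KnowBe4; it assumes the Chrome profile `Preferences` JSON layout (`profile.content_settings.exceptions.notifications`, with `setting` 1 meaning allow), and the sample data and allowlist are constructed.

```python
import json
from urllib.parse import urlsplit

ALLOW = 1  # assumed Chromium content-setting value for "allow" (2 is "block")

def granted_notification_origins(prefs: dict) -> list[str]:
    """Return the origins whose notification permission is set to allow."""
    exceptions = (prefs.get("profile", {})
                       .get("content_settings", {})
                       .get("exceptions", {})
                       .get("notifications", {}))
    origins = []
    for pattern, entry in exceptions.items():
        if isinstance(entry, dict) and entry.get("setting") == ALLOW:
            # Keys look like "https://host:443,*"; keep the primary pattern.
            origins.append(pattern.split(",", 1)[0])
    return sorted(origins)

def unapproved_grants(prefs: dict, approved_hosts: set[str]) -> list[str]:
    """Granted origins whose host is neither approved nor a subdomain of an approved host."""
    flagged = []
    for origin in granted_notification_origins(prefs):
        host = (urlsplit(origin).hostname or "").lower()
        if not any(host == a or host.endswith("." + a) for a in approved_hosts):
            flagged.append(origin)
    return flagged

# Constructed sample of the relevant part of a Preferences file.
SAMPLE_PREFS = json.loads("""
{"profile": {"content_settings": {"exceptions": {"notifications": {
  "https://calendar.example.com:443,*": {"last_modified": "0", "setting": 1},
  "https://free-video-player.example:443,*": {"last_modified": "0", "setting": 1},
  "https://news.example.org:443,*": {"last_modified": "0", "setting": 2}
}}}}}
""")
APPROVED_HOSTS = {"calendar.example.com"}  # hypothetical organizational allowlist

if __name__ == "__main__":
    for origin in unapproved_grants(SAMPLE_PREFS, APPROVED_HOSTS):
        print("review notification grant:", origin)
```

Any origin the script reports is one that can currently push notifications to that browser profile and is worth reviewing or revoking.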

AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

BlackFog has the story.
