Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
The robot test has become a nightmare for users.
Information security experts warn of a new fraudulent scheme: attackers have begun to use fake CAPTCHA tests to install malware on Windows computers. This is a signal that users should pay more attention to protecting their data and be careful when interacting with CAPTCHAs.
As you know, standard CAPTCHA tests require the user to perform certain tasks, such as selecting the necessary objects in an image or entering text characters. However, the attackers took advantage of this familiar scenario and created a fake version of the test, which, instead of checking, offers the user to perform a number of actions on the keyboard that lead to the installation of a virus.
Instead of traditional requests, a fake CAPTCHA asks the user to press the "Windows + R" key combination, which brings up a window on the computer to execute commands. Next, the test suggests pressing "CTRL + V" and then the enter key. If the user does not think about what is happening, he may not notice that a command is running in the window that activates the loading of a malicious PowerShell script.
Script activation process via CAPTCHA
According to Palo Alto Networks Unit 42, the malicious script installs the Lumma Stealer infostealer on the device, which is designed to steal passwords, cookies, and cryptocurrency wallet data from the infected device.
Hudson Rock experts also confirmed that when visiting dangerous sites that host a fake CAPTCHA test, a malicious script is automatically copied to the browser. When the user performs the proposed actions, the script is activated, which leads to the infection of the device.
Attacks using fake CAPTCHAs continue to appear. Cybersecurity specialist John Hammond of Huntress noted that the company recorded another appearance of this threat last week.
Fake CAPTCHA tests can be spread through phishing emails and messages, making them particularly dangerous. Users should be vigilant and not perform suspicious activities during a CAPTCHA check.
Source
Information security experts warn of a new fraudulent scheme: attackers have begun to use fake CAPTCHA tests to install malware on Windows computers. This is a signal that users should pay more attention to protecting their data and be careful when interacting with CAPTCHAs.
As you know, standard CAPTCHA tests require the user to perform certain tasks, such as selecting the necessary objects in an image or entering text characters. However, the attackers took advantage of this familiar scenario and created a fake version of the test, which, instead of checking, offers the user to perform a number of actions on the keyboard that lead to the installation of a virus.
Instead of traditional requests, a fake CAPTCHA asks the user to press the "Windows + R" key combination, which brings up a window on the computer to execute commands. Next, the test suggests pressing "CTRL + V" and then the enter key. If the user does not think about what is happening, he may not notice that a command is running in the window that activates the loading of a malicious PowerShell script.
Script activation process via CAPTCHA
According to Palo Alto Networks Unit 42, the malicious script installs the Lumma Stealer infostealer on the device, which is designed to steal passwords, cookies, and cryptocurrency wallet data from the infected device.
Hudson Rock experts also confirmed that when visiting dangerous sites that host a fake CAPTCHA test, a malicious script is automatically copied to the browser. When the user performs the proposed actions, the script is activated, which leads to the infection of the device.
Attacks using fake CAPTCHAs continue to appear. Cybersecurity specialist John Hammond of Huntress noted that the company recorded another appearance of this threat last week.
Fake CAPTCHA tests can be spread through phishing emails and messages, making them particularly dangerous. Users should be vigilant and not perform suspicious activities during a CAPTCHA check.
Source
