Tag: captcha

Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

Jan 23, 2025 6:22 PM

Tags: attack, captcha, cybersecurity, malware, threat

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer.”The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world,” Leandro FrÃ³es, senior threat research engineer at First…
Telegram captcha tricks you into running malicious PowerShell scripts

Jan 22, 2025 10:22 PM

Tags: captcha, exploit, malicious, powershell, threat

Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/
Fake CAPTCHA Scams: Ruining Consumer Trust and Driving Website Abandonment

Jan 10, 2025 8:18 AM

Tags: captcha, malware, scam

CAPTCHAs frustrate users, fail to stop sophisticated bots, and now pose a serious malware risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/fake-captcha-scams-ruining-consumer-trust-and-driving-website-abandonment/
Privacy Roundup: Week 1 of Year 2025

Jan 5, 2025 11:17 AM

Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerability

This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
CAPTCHAs now run Doom on nightmare mode

Jan 3, 2025 3:19 PM

Tags: captcha, defense

As if the bot defense measure wasn’t obnoxious enough First seen on theregister.com Jump to article: www.theregister.com/2025/01/03/captcha_doom_nightmare/
Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme

Dec 19, 2024 5:42 PM

Tags: ai, captcha, ransomware

This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-398/
Fake CAPTCHAs Deliver Lumma Infostealer Malware in Massive Malvertising Campaign

Dec 19, 2024 5:42 AM

Tags: captcha, malware

A large-scale malvertising campaign analyzed by Guardio Labs exposes how fake CAPTCHA prompts are used to deliver the Lumma infostealer malware. This sophisticated operation highlights the dark side of Internet... First seen on securityonline.info Jump to article: securityonline.info/fake-captchas-deliver-lumma-infostealer-malware-in-massive-malvertising-campaign/
Malvertising on steroids serves Lumma infostealer

Dec 17, 2024 1:42 PM

Tags: captcha, malware

A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive >>ads
Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers

Dec 17, 2024 11:42 AM

Tags: captcha, cyber, cybercrime, exploit, malicious, malware, password

Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically harmless security feature, to launch large-scale malware distribution campaigns. This startling revelation uncovers how these fake captchas, interlaced with malicious advertising, are infecting users with password-stealing malware. Over the past several weeks, cybercriminals have been leveraging fake captcha pages to…
FakeCaptcha scams”, When the “I’m not a robot” button is a trap

Dec 17, 2024 9:42 AM

Tags: captcha, cybercrime
Malicious ads push Lumma infostealer via fake CAPTCHA pages

Dec 16, 2024 9:42 PM

Tags: captcha, malicious, malware, powershell

A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-ads-push-lumma-infostealer-via-fake-captcha-pages/
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

Dec 16, 2024 4:42 PM

Tags: attack, captcha, cybersecurity, malware, network, service

Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds.”Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising, delivering over First seen…
Fake Captcha Campaign Highlights Risks of Malvertising Networks

Dec 16, 2024 3:42 PM

Tags: captcha, exploit, malware, network, risk, theft

Large-scale campaign identified by Guardio Lans and Infoblox, exploiting malvertising and fake captchas to distribute Lumma infostealer for massive theft First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Rising ClickFix malware distribution trick puts PowerShell IT policies on notice

Nov 25, 2024 6:51 PM

Tags: access, ai, apt, attack, captcha, chatgpt, control, cyber, cybercrime, defense, detection, email, espionage, finance, github, group, infrastructure, jobs, least-privilege, malicious, malware, marketplace, microsoft, open-source, password, phishing, powershell, social-engineering, software, technology, threat, tool, ukraine, update, vulnerability, windows

Threat groups are increasingly adopting a social engineering technique dubbed ClickFix to trick users into copying malicious PowerShell code and executing it themselves. Despite requiring more user interaction to succeed, the tactic has been adopted by several threat groups in recent months, suggesting it is reasonably effective at evading detection compared to relying on automated…
Security Alert: Fake Accounts Threaten Black Friday Gaming Sales

Nov 18, 2024 4:53 PM

Tags: access, attack, authentication, breach, captcha, control, credentials, data, detection, email, exploit, finance, framework, fraud, login, mfa, mitigation, open-source, password, phone, risk, service, switch, tactics, threat, tool, unauthorized

As Black Friday 2024 nears, online retailers are preparing for a surge in demand, particularly for deals, discounts, and bundles on popular gaming consoles like the PS5, Xbox, and Nintendo Switch, along with their accessories. However, this excitement also attracts sophisticated fraudsters who use bots to capitalize on the limited availability of these consoles and…
Phony CAPTCHAs exploited in Lumma, Amadey trojan campaign

Nov 2, 2024 8:57 PM

Tags: captcha, exploit

First seen on scworld.com Jump to article: www.scworld.com/brief/phony-captchas-exploited-in-lumma-amadey-trojan-campaign
Tricky CAPTCHA Caught Dropping Lumma Stealer Malware

Oct 30, 2024 7:56 PM

Tags: captcha, malicious, malware

The persistent infostealer’s latest campaign inserts fake CAPTCHA pages into legitimate applications, fooling users into executing the malicious paylo… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/trick-captcha-lumma-stealer-malware
Malware campaign expands its use of fake CAPTCHAs

Oct 30, 2024 7:51 PM

Tags: captcha, malware

First seen on therecord.media Jump to article: therecord.media/fake-captcha-malware-campaign-lumma-amadey
Fake CAPTCHA Pages Used by Lumma Stealer to Spread Fileless Malware

Oct 25, 2024 1:57 PM

Tags: captcha, malware

First seen on hackread.com Jump to article: hackread.com/fake-captcha-pages-lumma-stealer-fileless-malware/
Straßenbilder: KI löst Bilder-Captchas besser als der Mensch

Oct 10, 2024 1:56 PM

Tags: ai, captcha

First seen on golem.de Jump to article: www.golem.de/news/strassenbilder-ki-loest-bilder-captchas-besser-als-der-mensch-2409-189364.html
AI bots now beat 100% of those traffic-image CAPTCHAs

Oct 2, 2024 1:35 PM

Tags: ai, captcha

First seen on arstechnica.com Jump to article: arstechnica.com/
AI defeats traffic-image CAPTCHA in another triumph of machine over man

Sep 27, 2024 7:35 PM

Tags: ai, captcha

First seen on arstechnica.com Jump to article: arstechnica.com/
Beware Of Fake Captcha Attacks That Delivers Lumma Stealer Malware

Sep 26, 2024 11:11 AM

Tags: attack, captcha, malware

In the past four weeks, a significant increase in malware distribution attempts via fake Captcha campaigns has been observed, targeting over 1.4 milli… First seen on gbhackers.com Jump to article: gbhackers.com/fake-captcha-lumma-stealer-malware/
Fake CAPTCHA Verification Pages Spreading Lumma Stealer Malware

Sep 25, 2024 2:10 AM

Tags: captcha, malware

First seen on hackread.com Jump to article: hackread.com/fake-captcha-verification-pages-lumma-stealer-malware/
Lumma Stealer deployed via fraudulent CAPTCHA pages

Sep 22, 2024 9:10 PM

Tags: captcha

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/lumma-stealer-deployed-via-fraudulent-captcha-pages
AI-Powered Cyberattacks: Greasy Opal Bypasses CAPTCHA, Threatens User Accounts

Sep 2, 2024 1:30 AM

Tags: ai, captcha, cyberattack, tool

According to a recent report by experts at Arkose Labs, there has been a noticeable surge in the use of the tool Greasy Opal within cyberspace, which … First seen on securityonline.info Jump to article: securityonline.info/ai-powered-cyberattacks-greasy-opal-bypasses-captcha-threatens-user-accounts/
Hacker verkaufen Tool zum Lösen von Captchas und verdienen damit Millionen

Sep 1, 2024 6:36 AM

Tags: captcha, hacker, tool

First seen on t3n.de Jump to article: t3n.de/news/hacker-verkaufen-tool-zum-loesen-von-captchas-1643151/
Persistent GreasyOpal CAPTCHA solver detailed

Aug 30, 2024 8:33 PM

Tags: captcha

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/persistent-greasyopal-captcha-solver-detailed
Greasy Opal’s CAPTCHA solver still serving cybercrime after 16 years

Aug 26, 2024 4:07 PM

Tags: business, captcha, cybercrime, service

A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service indu… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/greasy-opals-captcha-solver-still-serving-cybercrime-after-16-years/
Storm-1152’s CAPTCHA Bypass Operation Foiled by Microsoft

Aug 9, 2024 2:33 AM

Tags: captcha, group, microsoft

Microsoft has seized a domain used by the Vietnamese group Storm-1152 to sell fraudulent accounts and CAPTCHA bypass services. The domain rockcaptcha[… First seen on securityonline.info Jump to article: https://securityonline.info/storm-1152s-captcha-bypass-operation-foiled-by-microsoft/