Phony CAPTCHAs exploited in Lumma, Amadey trojan campaign

Share This Post



Threat actors have leveraged fraudulent CAPTCHAs to facilitate the deployment of the Lumma information-stealing malware and Amadey botnet as part of a new attack campaign that commenced in mid-September, which was primarily targeted at Brazil, Spain, Italy, and Russia, according to The Record, a news site by cybersecurity firm Recorded Future.

Malicious sites have been leveraged to redirect to a CAPTCHA, with clicking the “I’m not a robot” button followed by the copying and execution of malicious code prompting the distribution of the Lumma infostealer, which not only compromises cryptocurrency wallets and browser-stored data but also generates revenue by increasing traffic to online stores, a report from Kaspersky showed. Other attacks in the campaign involved the delivery of the Amadey botnet, which enables browser credential and cryptocurrency wallet compromise, as well as screenshot capturing and Remcos RAT deployment for total device takeovers, said researchers.



Source link

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Blogs

Mickey Mouse operation hacked by former employee

A disgruntled former Disney worker stands accused of illegally hacking the company’s systems and harassing its workers. Michael Scheuer, a former system administrator with the

Do You Want To Boost Your Business?

drop us a line and keep in touch