216.73.217.98

Behind the CAPTCHA: A Clever Gateway of Malware

· Published 24/09/2024 14:07 · Modified 24/09/2024 14:38

Export JSON

Essential information

Published
24/09/2024 14:07
Modified
24/09/2024 14:38
Tags
2024-09-24
Related entities
7 observables, 14 techniques (mitre), 2 malware

Description

A sophisticated infection chain dubbed ClickFix has been observed using fake CAPTCHA pages to distribute Lumma Stealer malware. The campaign targets multiple countries through two main vectors: cracked game download URLs and phishing emails impersonating GitHub. Users are tricked into executing malicious scripts copied to their clipboards, leading to malware installation. The attack employs multi-layered encryption and leverages mshta to bypass detection. Mitigation strategies include user education, robust email filtering, and keeping systems updated. The global reach and deceptive tactics highlight the evolving nature of cyber threats.

External references