Malicious CAPTCHA delivers Lumma and Amadey Trojans

Published 29/10/2024 14:25 · Modified 29/10/2024 14:56

Essential information

Tags: 2024-10-29, adware, amadey, captcha, infostealers, lumma, malvertising, remcos, social engineering
Related entities: 1 observables, 13 techniques (mitre), 3 malware, 4 others

Description

An campaign targets online users by presenting them with fake or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like and . The attackers leverage ad networks to redirect victims to compromised sites hosting these lures. Once executed, abuses legitimate BitLocker functionality to harvest cryptocurrency wallets, passwords, and browser data, while gathers credentials and can deploy remote access trojan.

External references