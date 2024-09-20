Malware, Phishing

Lumma Stealer deployed via fraudulent CAPTCHA pages

Share
System hacked warning alert on laptop computer. Cyber attack on computer network, virus, spyware, malware or malicious software. Cyber security and cybercrime concept. System security technology (3)

(Adobe Stock)

Windows users have been mainly targeted in a new phishing campaign that leverages phony CAPTCHA verification pages to facilitate Lumma Stealer malware deployment, Hackread reports.

Attacks involved the utilization of Amazon S3 bucket and Content Delivery Network-hosted sites spoofing Google CAPTCHA pages and other verification sites, which include instructions that trigger a malicious PowerShell command downloading Lumma Stealer and proceeding with the exfiltration of sensitive device data, including financial details and login credentials, according to a CloudSEK report. Such a development comes just weeks after the information-stealing malware was reported to have been concealed as an OnlyFans hacking tool, which ended up compromising threat actors' information. Threat actors also leveraged hacked YouTube channels to distribute Lumma in the guise of pirated software after an updated version of the infostealer was reported to have gained human user detection capabilities with trigonometric techniques.

Related

New SambaSpy malware spread in phishing campaign

Attacks commenced with the distribution of phishing emails with an HTML attachment or malicious link, which would trigger the deployment of the Java-based RAT, which enables not only file system, process, and remote desktop management, but also file uploads or downloads, keylogging, screenshot capturing, and webcam takeovers.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.