- HP Threat Insights report reveals new malware campaigns
- Victims have their data exfiltrated by a remote access Trojan
- Attackers were observed using fake CAPTCHA verification pages
New research has claimed that victims are increasingly infecting themselves with malware thanks to a rise in fake CAPTCHA verification tests, which take advantage of a growing ‘click tolerance’ as users become increasingly used to ‘jumping through hoops to authenticate themselves online.’
This is not the first report to flag this attack, with security researchers identifying fake CAPTCHA pages spreading infostealer malware at the end of 2024, but HP’s latest Threat Insights report now warns that this is increasing.
Users were often directed to attacker-controlled sites and then pushed to complete convincing but fake authentication challenges.
More campaigns identified
These fake CAPTCHAs usually fool users into running malicious PowerShell commands on their device that install the Lumma Stealer remote access Trojan, a popular infostealer capable of exfiltrating a wide range of sensitive information, such as browser details, email credentials, client data and even cryptocurrency wallets.
Fake CAPTCHA spreading was not the only threat uncovered: attackers were also able to access end users’ webcams and microphones in concerning attacks spread through social engineering, primarily using the open source RAT XenoRAT to control devices, exfiltrate data and log keystrokes.
Alongside this, attackers were observed delivering malicious JavaScript code “inside Scalable Vector Graphic (SVG) images to avoid detection”. These images are opened “by default” in browsers and the embedded code is executed, “offering redundancy and revenue options for the attacker” thanks to the remote access tools.
“A common thread across these campaigns is the use of obfuscation and anti-analysis techniques to slow down investigations,” said Patrick Schläpfer, head threat researcher at HP Security Lab.
“Even simple but effective defense evasion techniques can delay detection and response from security operations teams, which makes it more difficult to contain an intrusion. By using methods such as direct system calls, attackers make it harder for security tools to capture malicious activity, giving them more time to operate undetected – and compromise victims.”