Cyber security professionals are warning about a new cyber-attack vector: Lumma Stealer malware that uses fake CAPTCHA tests to spread malware on Windows devices. Users are advised to maintain caution when filling out a CAPTCHA challenge.
“We have identified more active malicious sites spreading the Lumma Stealer. It's important to note that while this technique is currently being used to distribute Lumma Stealer, it could potentially be leveraged to deliver any type of malicious malware to unsuspecting users,” say experts from Cloud SEK.
How does CAPTCHA work?
A CAPTCHA traditionally works as a security checkpoint, making sure that online activities are started by humans and not automated bots. However, hackers are misusing the CAPTCHA for malicious gains, creating a fake CAPTCHA challenge. When a user completes it, the CAPTCHA deploys a series of malicious commands.
The fake CAPTCHA tests ask request users to press a sequence that many users think is harmless. But, doing so starts the download and activation of a Power Shell script that installs the Lumma Stealer malware.
Cybersecurity experts from Palo Alto Networks believe Lumma Stealer is an information-stealing malware used for stealing data- passwords, cookies, and cryptocurrency wallet credentials. If the malware is present on a compromised device, it exposes users to major risks of financial fraud, cyberattacks, and identity theft.
The malicious CAPTCHA has massive scale distribution, experts at Hudson Rock noticed that if a user visits compromised websites, it automatically copies the malicious script to a user's clipboard. This can increase the chances of automatic triggering of an attack.
Additionally, experts have noticed an increase in this kind of attack, meaning cybercriminals are improving and implementing their attack tactics. These fake CAPTCHA tests can be spread via phishing emails and messages, which makes them a threat.
Users can follow these steps to minimize the risks of fake CAPTCHA threats
Check URLs: Make sure the site is authentic before interacting with any CAPTCHA.
Keep systems updated: Updated OS, browsers, and antivirus software can increase your security.
Stay cautious with CAPTCHA: Stay safe from any CAPTCHA test that requests any action beyond selecting images and text input.
Follow safe browsing hygiene: Do not click links or attachments from unknown messages or emails.