A report by cybersecurity firm CloudSEK Report In 2018, several phishing websites have been discovered that are using fake verification pages to trick users into downloading malware. In this, attackers have created several websites to spread malware and added a fake human verification system to them. This system is similar to Google’s CAPTCHA page. In a normal CAPTCHA, users have to check some boxes or perform tasks related to some pattern to prove that they are not a bot, but in the fake page, the user is asked to run some unusual commands.
In one such case, researchers have caught a fake verification page that asked users to run a PowerShell script. PowerShell consists of a series of commands that can be executed in the Run dialog box. In this case, the commands were extracting content from a.txt file hosted on a remote server. It prompted a Windows system to download and extract a file, thereby delivering the Lumma Stealer malware to the system.
This report also provides a list of URLs that were delivering malware to users of Windows systems. CloudSEK researchers have also found that Content Delivery Networks (CDN) were being used to spread these fake verification pages. These researchers have also advised companies to implement endpoint solutions and provide training to workers on ways to avoid this malware. Apart from this, regularly updating patching systems can also prevent the threat from Lumma Stealer.
Gadgets 360 for the latest tech news, smartphone reviews and exclusive offers on popular mobiles Android Download the app and let us know Google News Follow on.
Devices, Windows, Cybersecurity, Laptop, Market, Demand, Workers, Training, Warning, Malware, CAPTCHA, Google, Report, Computer