A report by Cybercharity firm Cloudsek has discovered many fishing websites that are implicating users in malware downloads using a fake verification page. In this, the attackers have created several websites spreading malware and added a fake human verification system. This system is similar to Google’s Captcha page. In the normal captcha, users have to check some boxes or do tasks connected to some patterns that prove that they are not a bot but in a fake page the user is asked to run some unusual commands.
In one such case, researchers have caught a fake verification page on which users were being asked to run a powershell script. Powershell consists of a series of commands that can be run in the run dialog box. In this case, the commands were taking content from the A.TXT file hosted on a remote server. It was promoted to download and extract a file on the Windows system, which led to the Lumma Stealer Malware in this system.
This report also has a list of URLs which were delivering malware to the users of the Windows system. Researchers at Cloudsek have also found that content delivery networks (CDN) were being used to spread these lattice verification pages. These researchers have also advised companies to implement end -point solutions and provide training to workers in ways to avoid this malware. Apart from this, updating patching systems regularly can also avoid the danger of Lumma Stealer.
Download the Gadgets 360 Android app for the latest tech news, smartphone review and exclusive offer on popular mobiles and follow us on Google News.
Units, Home Windows, Cybersecurity, Computer, Marketplace, Call For, Employees, Coaching, BlackMail, Malware, Captcha, Google, Record, Laptop
