Malicious CAPTCHA delivers Lumma and Amadey Trojans

An adware campaign targets online users with fake CAPTCHA or update prompts that trick them into running malicious PowerShell commands, which deploy credential-stealing malware such as Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting these social engineering lures. Once executed, Lumma abuses legitimate BitLocker functionality to harvest cryptocurrency wallets, passwords, and browser data, while Amadey gathers credentials and can deploy the Remcos remote access trojan.

Author: AlienVault

Related Tags: captcha, social-engineering, adware, T1558, T1557, T1064, T1555, Russian Federation, Italy

Associated Indicators:
59F706841DB1AD174075BD529CC5B231A6BB6054
EE2FF2C8F49CA29FE18E8D18B76D4108
E3274BC41F121B918EBB66E2F0CBFE29
525ABE8DA7CA32F163D93268C509A4C5