Cybercriminals have found new ways to exploit CAPTCHA systems, commonly used to block bots, by embedding them in malicious websites to disguise malware. When users complete the CAPTCHA, they unknowingly download harmful software.
This makes it difficult for security tools to detect the threat, as the CAPTCHA adds legitimacy to the malicious site. To protect yourself, always ensure you’re interacting with legitimate websites, use trusted antivirus software, and stay cautious when completing CAPTCHAs on unfamiliar sites.
How CAPTCHA malware works to steal your information.
You click on the download link, which presents a CAPTCHA verification. After that, you’re prompted to open the Run dialog and paste a PowerShell code.
The PowerShell code downloads and runs an .exe file, adding it to autorun (starting with Windows). The .exe file is a Stealer designed to steal information like passwords and cookies from your browser.
To avoid malware, follow these best practices:
- Use security software: Install reputable antivirus and anti-malware programs.
- Update regularly: Keep your OS, browsers, and apps up to date with the latest security patches.
- Be cautious with downloads: Avoid downloading files or software from unknown or untrusted sources.
- Don’t click on suspicious links: Be wary of email attachments or links in unsolicited messages.
- Enable CAPTCHA carefully: CAPTCHAs can be used to disguise malware delivery, so ensure you’re on legitimate sites.
For more information, visit McAfee’s blog.