Dodgy Gamers Targeted In ‘I Am Not A Robot’ Captcha Scam

Cybercriminals are using fake Captcha pages to infect devices with malware such as Lumma Stealer. McAfee Labs says it recently observed “the ClickFix infection chain”, which targeted people downloading cracked gaming software, or who clicked on a phishing email that pretended to be from GitHub. McAfee malware report.

“The ClickFix infection chain operates by deceiving users into clicking on fake Captcha buttons like ‘Verify you are a human’ or ‘I am not a robot’,” McAfee says. “Once clicked, a malicious script is copied to the user’s clipboard. Users are then misled into pasting the script after pressing the Windows key + R, unknowingly executing the malware.



“This method of trickery facilitates the infection process, making it easy for attackers to deploy malware.” The company says the use of multi-layered encryption “further complicates detection and analysis, making these attacks more sophisticated and harder to prevent”.

Cracked gaming software offers pirated versions of licensed games. McAfee says it is “observing a campaign targeting multiple countries”, and a map of impacted countries includes Australia.

“When users search the internet for free or cracked versions of popular video games, they may encounter online forums, community posts, or public repositories that redirect them to malicious links,” McAfee says. Once redirected, “if a user clicks the ‘I’m not a robot’ button, a malicious PowerShell script is copied to their clipboard, and they are prompted to execute it ... the website includes JavaScript functionality that copies the script to the clipboard”.

It says that in the second vector, users receive phishing emails, often targeting GitHub contributors, urging them to address a fake ‘security vulnerability’: “These emails contain links leading to the same fake Captcha pages. These pages use the same technique: the malicious script is copied to the clipboard when the user clicks the button, and they are then prompted to execute it.”
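For defenders, the Windows key + R step leaves a trace: Windows keeps Run-dialog history under `HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU`. The triage sketch below is an example added here, not code from McAfee's report; the indicator patterns and the sample registry values are assumptions constructed for illustration.

```python
import re

# Indicator patterns are this example's assumptions, not taken from McAfee's report.
POWERSHELL = re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I)
INDICATORS = {
    "hidden window": re.compile(r"\s[-/]w\w*\s+(hidden|1)\b", re.I),
    "encoded command": re.compile(r"\s[-/](e|ec|enc\w*)\s+\S", re.I),
    "remote URL": re.compile(r"https?://", re.I),
}

def parse_runmru(values):
    """Return Run-dialog commands, newest first.

    `values` maps RunMRU value names to their string data. MRUList holds the
    order (most recent first); each entry's data ends with a literal backslash-1.
    """
    commands = []
    for name in values.get("MRUList", ""):
        data = values.get(name)
        if data is None:
            continue  # MRUList can reference a value that was deleted
        commands.append(data[:-2] if data.endswith("\\1") else data)
    return commands

def triage(commands):
    """Flag entries that start PowerShell and carry at least one indicator."""
    findings = []
    for cmd in commands:
        if not POWERSHELL.search(cmd):
            continue
        reasons = [name for name, rx in INDICATORS.items() if rx.search(cmd)]
        if reasons:
            findings.append((cmd, reasons))
    return findings

# Constructed sample, shaped like an exported RunMRU key (not real data).
SAMPLE = {
    "MRUList": "cba",
    "a": "cmd\\1",
    "b": "powershell\\1",
    "c": "powershell -w hidden -enc <BASE64_PLACEHOLDER>\\1",
}

if __name__ == "__main__":
    for cmd, reasons in triage(parse_runmru(SAMPLE)):
        print(f"REVIEW: {cmd!r} -> {', '.join(reasons)}")
```

A bare `powershell` entry is left unflagged on purpose, since administrators open consoles from the Run dialog routinely; only entries with extra indicators are surfaced for review.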