Everyone should be careful when buying cheaper and affordable pirated games. These copied versions have long been a hotbed for malware distribution, and cybercriminals are now using CAPTCHA challenges to make their attacks even more effective.
According to a recent report by McAfee Labs, cyber attackers are leveraging CAPTCHA to trick users into thinking that malicious websites or downloads are legitimate. Security researchers first detected the use of CAPTCHAs in malware delivery schemes last month.
Since then, this technique has rapidly gained traction, with reports indicating a growing number of gamers all over the world are encountering. McAfee’s data suggests that this method of attack is becoming increasingly prevalent, putting more individuals at risk across different regions.
This method is common in pirated games, where users may already expect to jump through several layers of check, like bypassing verification systems. When users search for cracked versions of popular games, they often end up on shady websites. These sites commonly use CAPTCHAs to appear more credible, creating the illusion that the files or content being offered are secure. After solving the CAPTCHA, users are redirected to download a file that is mostly infected with malware, in this case, Lumma Stealer.
Lumma Stealer is a sophisticated information-stealing malware that surfaced in 2022. It targets sensitive data like login credentials, browser cookies, saved passwords, and information from file transfer protocol (FTP) clients and cryptocurrency wallets.
The malware stealthily collects this data from infected systems and transmits it to remote servers controlled by attackers. Its ability to steal from major web browsers, including Chrome, Firefox, and Edge, as well as its capacity to compromise cryptocurrency wallets, makes it a potent threat, particularly to users holding digital assets.
The malware spreads through phishing campaigns, malicious downloads, and compromised websites, often hidden within pirated software or gaming mods. Lumma Stealer employs various evasion tactics, such as encrypting communications with its command-and-control server and using obfuscation techniques to avoid detection by antivirus programs. Its ability to bypass security measures and harvest valuable information makes it a dangerous tool for cybercriminals.
No comments:
Post a Comment