To evade detection, hackers are requiring targets to complete CAPTCHAs

To evade detection, hackers are requiring targets to complete CAPTCHAs

4 years ago
Anonymous $GRbK1oXs9y

https://arstechnica.com/information-technology/2020/06/to-evade-detection-hackers-are-requiring-targets-to-complete-captchas/

CAPTCHAs, those puzzles with muffled sounds or blurred or squiggly letters that websites use to filter out bots (often unsuccessfully), have been annoying end users for more than a decade. Now, the challenge-and-response tests are likely to vex targets in malware attacks.

Microsoft recently spotted an attack group distributing a malicious Excel document on a site requiring users to complete a CAPTCHA, most likely in an attempt to thwart automated detection by good guys. The Excel file contains macros that, when enabled, install GraceWire, a trojan that steals sensitive information such as passwords. The attacks are the work of a group Microsoft calls Chimborazo, which company researchers have been tracking since at least January.

Last Seen
7 hours ago
Reputation
0
Spam
0.000
Last Seen
20 minutes ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
28 minutes ago
Reputation
0
Spam
0.000
Last Seen
4 hours ago
Reputation
0
Spam
0.000
Last Seen
27 minutes ago
Reputation
0
Spam
0.000