Windows Centralは2月17日(現地時間)、偽のCAPTCHA認証ページを用いる新しいClickFix戦術の発見を伝えた。これはLevelBlueの調査により明らかになった攻撃手法。CloudflareのCAPTCHA認証ページを模倣して情報窃取マルウェア「StealC」を配布したという。

Windowsユーザーをターゲットに、「CAPTCHA」を装ってユーザー自身に悪意のあるコマンドを実行させる「ClickFix」攻撃が報告されている。高度な情報窃取型マルウェアに感染する恐れがあり、キーボード操作を求める画面には警戒が必要である。

Experts have identified the three digital lifestyles most targeted by cyber criminals – here’s what they are, and what you ...

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

The FBI warned in 2023 that “thousands of skilled IT workers” were moving abroad from North Korea and setting up as freelance IT professionals, warning recruiters to be wary of remote workers who ...

A North Korean attack group is running a scam operation called the Graphalgo, wherein they use fake job schemes to deliver malware.

For those unfamiliar with Operation Dream Job, it is an ongoing campaign created by North Korean state-sponsored hackers.

A widespread cyberattack involving fraudulent Google Chrome extensions has impacted over 300,000 users by leveraging the current demand ...

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...