Beware Windows Users: Hackers Spread Lumma Stealer Malware Through Fake Human Verification Pages

Safeguard yourself from this dangerous malware. Here's how.

New findings by security experts show that a malware called Lumma Stealer is spreading via human verification pages disguised as Google's CAPTCHA system. If you're a Windows user, beware of these pages.

Fake Verification Pages Contain Malware


Threat actors direct users to phishing websites hosted on different platforms, including Content Delivery Networks (CDNs).

According to CloudSEK researchers, the attackers run these schemes by creating fake human verification pages that push the user into downloading malware. The whole process is very simple, yet effective: a user clicking on a link lands on a page, supposedly a Google CAPTCHA, asking them to click the "I am not a robot" button. From that point, an unsuspecting user starts a really dangerous chain reaction.

When the fake CAPTCHA is clicked, a PowerShell script is copied to the user's clipboard. When the user pastes and runs this command, a hidden PowerShell window launches a Base64-encoded script that obtains further instructions from a remote server. This downloads and executes the Lumma Stealer malware, which, without an easy replacement process, connects to attacker-controlled domains.
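A defender's view of the chain described above, as an added example that is not from the original article or from CloudSEK: a Python check over process command lines, such as those recorded by process-creation logging, that flags PowerShell started with a hidden window plus a Base64-encoded command and decodes it for review. The function names and the sample events are constructed for illustration, and only the literal value "hidden" is matched for the window style.

```python
import base64
import shlex

def _is_param(token, full_name):
    """PowerShell accepts any unambiguous prefix of a parameter name (-w, -enc, ...)."""
    name = token[1:].lower()
    return token[:1] in "-/" and bool(name) and full_name.startswith(name)

def inspect_command_line(cmdline):
    """Return a finding for hidden-window + encoded-command PowerShell, else None."""
    tokens = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    if not tokens or not any(n in tokens[0].lower() for n in ("powershell", "pwsh")):
        return None
    hidden, decoded = False, None
    for tok, nxt in zip(tokens, tokens[1:] + [""]):
        value = nxt.strip("\"'")
        if _is_param(tok, "windowstyle") and value.lower() == "hidden":
            hidden = True
        elif _is_param(tok, "encodedcommand"):
            try:
                # -EncodedCommand carries Base64 of UTF-16LE script text
                decoded = base64.b64decode(value, validate=True).decode("utf-16-le")
            except ValueError:  # bad Base64 or bad UTF-16: still worth a look
                decoded = "<undecodable>"
    if not hidden or decoded is None:
        return None
    lowered = decoded.lower()
    return {"command_line": cmdline, "decoded": decoded,
            "contacts_remote": "http://" in lowered or "https://" in lowered}

def encode_for_sample(script):
    """Build a constructed -EncodedCommand value from harmless script text."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed sample events (not taken from any real incident or from the article)
SAMPLE_DECODED = "Write-Output 'fetch https://example.invalid/placeholder'"
SAMPLE_EVENTS = [
    r"C:\Windows\System32\notepad.exe C:\Users\user\notes.txt",
    r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1",
    "powershell.exe -w hidden -enc " + encode_for_sample(SAMPLE_DECODED),
]

def scan(events):
    """Return findings for every command line that matches the pattern."""
    return [f for f in map(inspect_command_line, events) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding["decoded"], "| remote:", finding["contacts_remote"])
```

A match is a lead for review rather than proof of infection, since some administrative tooling also launches PowerShell with encoded commands.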

Lumma Stealer on Alarming Scale

First discovered by Palo Alto Networks' Unit 42, Lumma Stealer targets Windows computers and steals sensitive information from them. It does this through remote server access, so hackers can steal data remotely from the infected system.

The malware spreads through a zip file named "dengo.zip", which activates once opened and executed. Experts cautioned that this method is becoming trendy, as more malicious sites crop up each day.

Safety Tips for Windows 11 and Older Versions

According to FoxNews, the easiest way to keep your computer safe from Lumma Stealer and many other dangers is to update your software. Windows updates, along with browser and antivirus patches, close security holes that hackers exploit. Here is how to make sure that your system is safe:

For Windows 10 and 11

  1. Select Start and click on Settings or press the Windows key + I.
  2. Go to Update & Security and click Check for updates.
  3. Windows will automatically download and install the updates.
  4. Once you are done, restart your computer if it requires a restart.

For Windows 8.1 and Older Versions:

  1. Open the Control Panel and look for System and Security.
  2. Under Windows Update, click Check for updates.
  3. Select all the available updates and then install them. If you are prompted, restart your system.

More Ways to Protect Yourself From Lumma Malware

Besides updating your software, here are five things you can do to protect yourself against Lumma Stealer and other cyber threats:

Use Powerful Antivirus Software

Install antivirus protection on all your devices. Powerful antivirus software can detect and stop the spread of Lumma Stealer attacks before they have a chance to cause more damage.

Enable Two-Factor Authentication (2FA)

Activate 2FA on all accounts. This second layer of security makes it much, much tougher for hackers to get access even if they do gain possession of your password.

Do Not Fall for Fake CAPTCHA Pages

To distinguish a real CAPTCHA from a fake page, remember that legitimate CAPTCHA pages will not ask you to download anything or run commands. If you land on a verification page that appears suspicious, close it instantly to avoid accidentally enabling malware.

Do Not Run Unknown Commands

Never copy and paste commands from an unknown website, especially a PowerShell script. This method is often used by hackers to make unsuspecting users unknowingly execute malware.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.