Beware of cybercriminals using CAPTCHA to deceive individuals attempting to download the jailbreak version of the game Black Myth Wukong. Reports from McAfee Labs reveal that hackers are exploiting CAPTCHA tools to mask malware, leading unsuspecting users to believe that the content or website they are accessing is legitimate.
The notorious Lumma Stealer malware, which emerged in 2022, is designed to pilfer sensitive data such as login credentials, stored passwords, browser cookies, and even cryptocurrency wallets. Once the system is infected, this malware covertly gathers information and transmits it to a server controlled by hackers. Its ability to infiltrate popular browsers like Chrome, Firefox, and Edge, coupled with its capability to hijack cryptocurrency wallets, makes Lumma Stealer a potent weapon in the hands of cybercriminals.
Researchers at McAfee Labs have identified fake CAPTCHA pages as part of the infection chain used to disseminate Lumma Stealer. They have pinpointed two primary infection vectors: through URLs for downloading cracked game versions and phishing emails.
To protect yourself from such threats, it is crucial to avoid websites offering cracked software and games and refrain from downloading content from unreliable sources. Additionally, regular user education on phishing tactics and schemes, the installation and maintenance of updated anti-virus software on all devices, robust email filtering to block phishing attempts and malicious attachments, and ensuring that operating systems, software, and applications are always updated with the latest security patches are essential measures for safeguarding against such cyber threats.