How Threat Actors Exploit Human Trust: A Breakdown of the 'Prove You Are Human' Malware Scheme
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A malicious campaign exploits user trust through deceptive websites, including spoofed Gitcodes and fake Docusign verification pages. Victims are tricked into running malicious PowerShell scripts on their Windows machines, leading to the installation of NetSupport RAT. The multi-stage attack uses clipboard poisoning and fake CAPTCHAs to deliver the malware. The campaign involves multiple domains, uses ROT13 encoding, and creates persistent infections. Similar techniques were observed in other spoofed content, including Okta and popular media apps. The attack capitalizes on user familiarity with common online interactions, emphasizing the need for vigilance and skepticism in online activities.
OPENCTI LABELS :
social engineering,netsupport rat,captcha,clipboard poisoning,gitcodes
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
How Threat Actors Exploit Human Trust: A Breakdown of the 'Prove You Are Human' Malware Scheme