Malicious CAPTCHA delivers Lumma and Amadey Trojans
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting these social engineering lures. Once executed, Lumma abuses legitimate BitLocker functionality to harvest cryptocurrency wallets, passwords, and browser data, while Amadey gathers credentials and can deploy Remcos remote access trojan.
OPENCTI LABELS :
lumma,amadey,malvertising,remcos,adware,infostealers,social-engineering,captcha
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Malicious CAPTCHA delivers Lumma and Amadey Trojans