Malicious CAPTCHA delivers Lumma and Amadey Trojans

NetmanageIT OpenCTI - opencti.netmanageit.com

Malicious CAPTCHA delivers Lumma and Amadey Trojans



SUMMARY :

An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting these social engineering lures. Once executed, Lumma abuses legitimate BitLocker functionality to harvest cryptocurrency wallets, passwords, and browser data, while Amadey gathers credentials and can deploy Remcos remote access trojan.

OPENCTI LABELS :

lumma,amadey,malvertising,remcos,adware,infostealers,social-engineering,captcha


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Malicious CAPTCHA delivers Lumma and Amadey Trojans