Hackers continue to target Windows users by exploiting existing vulnerabilities and installing malware. Security experts have discovered a new type of malware that spreads through fake human authentication pages. Attackers use a variety of platforms to set up phishing websites, often relying on content delivery networks. These sites trick users by displaying fake Google CAPTCHA pages and secretly install malware known as Lumma Stealer.
Get security alerts, tips from experts – Sign up for Cart Newsletter – Cyber Guy Report here
What you need to know
Cloudsek researchers have discovered details about a new and sophisticated way hackers spread the Lumma Stealer malware. They target Windows users with fake human authentication pages. Palo Alto Networks Unit 42 first reported these fake pages and noted how they are being used to spread malware.
“These pages have buttons that, when clicked, provide instructions for the victim to paste a PowerShell script into the run window. Copying/pasting this PowerShell script retrieves and executes the Lumma Stealer malware Windows EXE. ,” explained Unit 42 threat hunter Paul Michaud II. .
Latest research by Cloudsek reveals more active malicious sites spreading Lumma Stealer. The researchers explained that clicking the “I’m not a robot” button on the fake authentication page would copy a PowerShell script to the clipboard. Pasting this command into the Run dialog box launches PowerShell in a hidden window and runs the Base64-encoded command.
This command retrieves further instructions from a text file on the remote server and downloads the Lumma Stealer malware. When the downloaded file named “dengo.zip” is unzipped and executed on a Windows computer, Lumma Stealer activates and connects to domains controlled by the attacker. Researchers also said that malware distributed through this page could easily switch to other malicious files.
Cyber crooks use AI to manipulate Google search results
Your best bet is to update your PC
Make sure your Windows system, browser, and antivirus software are regularly updated to protect against known vulnerabilities. Software updates often include patches for security vulnerabilities that hackers exploit. Keeping your operating system, browser, and apps up to date closes these gaps and makes it harder for malware to get in. Follow these simple steps to update your Windows software and benefit from the latest security patches.
For Windows 10 and Windows 11
Click the (Start) menu and select (Settings) (or press the Windows key + I shortcut). In the (Settings) window, click (Update & Security). In the (Windows Update) section, click (Check for updates). When you download a patch for a Wi-Fi driver vulnerability, Windows automatically downloads and installs it. Once the installation is complete, you may be asked to restart your computer to apply the update.
For Windows 8.1 and earlier versions
Open (Control Panel) and go to (System and Security). In the (Windows Update) section, click (Check for updates). If updates containing Wi-Fi driver vulnerability patches are available, select them and click (Install updates). Follow the on-screen instructions to complete the installation process. Restart your computer when prompted to apply the update.
Prevent people nearby from hearing your voicemails with this simple tip
5 more ways to protect yourself from Lumma malware
1) Use strong antivirus software: Good antivirus software can detect and block threats like Lumma Stealer before they can cause any damage. Don’t click on suspicious or unfamiliar links, especially from emails or websites that ask for human verification. The best way to protect yourself from malicious links that can install malware and access your personal information is to install strong antivirus software on all your devices. This protection also warns you about phishing emails and ransomware scams, keeping your personal information and digital assets safe. Check out my picks for the best antivirus protection products of 2024 for your Windows, Mac, Android, and iOS devices.
2) Check CAPTCHA pages: Genuine Google CAPTCHA pages do not ask you to download files or paste commands. If you feel something is wrong, please close the page.
3) Avoid running unexpected commands: Don’t paste or run commands that you don’t understand or that you’ve copied from random websites (such as PowerShell scripts). Attackers often use this method to trick users into running malware without their knowledge.
4) Keep your software up to date: Regularly update your operating system, browser, and all software applications. Updates often include patches for security vulnerabilities that malware can exploit.
5) Use two-factor authentication (2FA): Enable 2FA on all accounts. This provides an extra layer of security by requiring a second form of verification, making it difficult for attackers to gain access even if they know the password.
A flaw in Windows could allow hackers to break into your PC via Wi-Fi
Cart important points
Lumma Stealer shows how sneaky cyberattacks have become, especially with fake verification pages tricking Windows users. Hackers are getting creative, using fake CAPTCHA buttons to sneak PowerShell commands into systems and run data-stealing malware. The best way to stay safe is to be wary of sketchy websites, avoid running random commands, keep your antivirus up to date, and make sure your system is patched.
Have you ever been a victim of a phishing attack or fake verification page? How did you deal with it? Email us at Cyberguy.com/Contact.
CLICK HERE TO GET THE FOX NEWS APP
For more of my tech tips and security alerts, visit Cyberguy.com/Newsletter and subscribe to my free CyberGuy Report newsletter.
Ask Kurt a question or let us know your story you’d like us to cover.
Follow Kurt on his social channels.
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.