Hackers Using Fake Captchas to Spread Lumma Stealer Malware
Hackers are utilizing fake Captcha prompts to distribute Lumma Stealer malware, which targets sensitive information on infected devices, including passwords and cryptocurrency wallet data. Research from DNSFilter indicates that the malicious prompts were first spotted on a Greek banking website, where users were tricked into executing commands that led to malware delivery. The malware operates as Malware-as-a-Service, offering subscriptions to cybercriminals, making it a sustainable illegal enterprise. Notably, 17% of those exposed to the fake Captchas engaged with them, increasing the risk of malware infection. Lumma Stealer swiftly collects browser-stored credentials, two-factor authentication tokens, and system information, allowing attackers to exploit this data for financial theft. Despite prior crackdowns, including domain seizures by law enforcement, Lumma Stealer has reportedly resurfaced, highlighting its persistent threat. The low subscription cost and significant potential gains contribute to the malware's widespread impact, with recent estimates suggesting millions lost to related exploits.