Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell

Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a deceptive tactic involving phishing and fake […]

The post Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

February 25, 2025
Read More >>

Domain Escalation – Backup Operator

The Backup Operators is a Windows built-in group. Users which are part of this group have permissions to perform backup and restore operations. More specifically,… Continue reading → Domain Escalation – Backup Operator

January 22, 2024
Read More >>

Domain Escalation – Backup Operator

The Backup Operators is a Windows built-in group. Users which are part of this group have permissions to perform backup and restore operations. More specifically,… Continue reading → Domain Escalation – Backup Operator

January 22, 2024
Read More >>

Persistence – Event Log

Windows Event logs are the main source of information for defensive security teams to identify threats and for administrators to troubleshoot errors. The logs are… Continue reading → Persistence – Event Log

January 8, 2024
Read More >>

Persistence – Event Log

Windows Event logs are the main source of information for defensive security teams to identify threats and for administrators to troubleshoot errors. The logs are… Continue reading → Persistence – Event Log

January 8, 2024
Read More >>

Operation RusticWeb targets Indian Govt: From Rust-based malware to Web-service exfiltration

SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate confidential documents to a web-based service engine, instead of a dedicated command-and-control (C2) server. With actively […]

The post Operation RusticWeb targets Indian Govt: From Rust-based malware to Web-service exfiltration appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

December 21, 2023
Read More >>