Lumma Stealer malware, available through a Malware-as-a-Service model, is using fake CAPTCHA pages to trick users into executing a persistent attack. The Qualys Threat Research Unit discovered that clicking the CAPTCHA ‘I’m not a robot’ button activates a malicious PowerShell command that downloads malware onto the target machine. It then looks for sensitive files and data linked to passwords and cryptocurrency, which it sends to a command and control server.
Bumblebee malware infection chain seen for the first time since May
Netskope Threat Labs researchers discovered a new infection chain belonging to the infamous Bumblebee malware. The malware was initially disrupted in Europol’s May 2024 operation