ClearFake, a JavaScript malware framework identified in July 2023, has evolved to use advanced social engineering tactics. The latest variant, discovered in December 2024, employs fake reCAPTCHA and Cloudflare verification to execute malicious PowerShell code. Utilizing blockchain for delivery, it complicates analysis and removal, exposing thousands of users daily through compromised websites.

Phony CAPTCHA checks trick targets to download malware
Cyber attackers are using fake CAPTCHA checks to trick users into downloading malware, according to HP Wolf’s Threat Insight Report. The method exploits the complacency