Phony Captcha checks the trick goals for downloading malware

Threat players are increasingly trying to get goals to infect malware with malware via false captcha checks. In his quarterly threat report, HP Wolf said that attackers are more dependent on the wrong checks in order to direct their goals to download and execute malware. I have become a routine for most end users if they register or return to a new service after a long absence. This familiarity enables threat actors to transform supposed captcha reviews into an opportunity to install malware. In the attack, the user receives an incorrect test with instructions for opening the Windows run menu and inserts a script to share and execute the system for downloading and executing a Trojan. From there, the attacker can produce a link with a command and control server and then turn to attack other systems in the network. The attack is not only effective because it is played on Captcha tests on the user's own complacency, but also because direct inputs of direct entries from authorized users dodge far more. Resources for the implementation of a malware campaign, “said the HP researchers.” Hosting in legitimate cloud -hosting services helps the attackers with recognition, since the IP addresses and domains are often serious, whereby threatening actors such as web safety proxies, which have been observed on the call of web capcha prop. -Wolf team to observe the HP -Wolf team for download and to the Malware -Last itself, published a report on an ongoing attack against Hospitality at the beginning of this month to infect them with malware. Engineering attacks, HP Sure Click Enterprise customers can configure their provisions in such a way that the joint use of intermediate shelves deactivates the Klemmboard release.