CAPTCHA or trap? Windows users tricked into installing malware on their PCs

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
IEEE

When XAI Meets CAPTCHA: A Case Study

Abstract: In the rapidly evolving landscape of cybersecurity, the need for robust and transparent defenses against automated attacks is paramount. This paper examines the current landscape of ...

Archive.today CAPTCHA page executes DDoS; Wikipedia considers banning site

Wikipedia editors are discussing whether to blacklist Archive.today because the archive site was used to direct a distributed denial of service (DDoS) attack against a blogger who wrote a post in 2023 ...

Archive.today: Operator uses users for DDoS attack

The operator of Archive.today is unknowingly using visitors to their site for a DDoS attack. A Finnish blogger is affected.
GitHub

Python library for interacting with the Solvecaptcha API (captcha-solving service)

A simple and efficient method to integrate the Solvecaptcha captcha-solving service into your code, enabling the automation of solving various types of captchas. Examples of API requests for different ...
GitHub

CapBypass TypeScript/JavaScript SDK

Official TypeScript/JavaScript SDK for the CapBypass CAPTCHA solving service. Supports reCAPTCHA v2, reCAPTCHA v3, and AWS WAF challenges. Works in both Node.js and browser environments.
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an ...