ReliaQuest has published a research report highlighting the increase in malicious campaigns that use fake CAPTCHA pages for malware distribution.
From October to early December 2024, ReliaQuest customers reported nearly double the number of fake CAPTCHA websites compared to the previous month, September. This rise was potentially caused by the public availability of the templates used in these campaigns, which provided threat actors with easy access to copy the tactics.
The research identified malware campaigns using fake CAPTCHA pages that mimic services such as Google and CloudFlare, which trick users into executing commands via the Windows Run prompt. This typically results in the installation of information stealers and remote-access trojans (RATs) that can…