Clever Social Engineering Attack Using Captchas
https://isc.sans.edu/diary/rss/31282
is really interesting.
It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line.
Clever.
https://www.schneier.com/blog/archives/2024/09/clever-social-engineering-attack-using-captchas.html
Schneier on Security (RSS Feed) /
npub1pq…l0mzp
2024-09-20 15:32:37
Author Public Key
npub1pq90j4vh97m4qtpmrzl6gzfhwc6pvxsmuzcvrrhnl2xqpp7xjy4q2l0mzpPublished at
2024-09-20 15:32:37Event JSON
{
"id": "4f3daad2c3f7cb231e5d1d07712e41f1b4651ceba4847f10bbbde6ef8008caed",
"pubkey": "080af955972fb7502c3b18bfa409377634161a1be0b0c18ef3fa8c0087c6912a",
"created_at": 1726846357,
"kind": 1,
"tags": [
[
"t",
"Uncategorized"
],
[
"t",
"captchas"
],
[
"t",
"malware"
],
[
"t",
"social engineering"
],
[
"proxy",
"https://www.schneier.com/feed/atom/#https%3A%2F%2Fwww.schneier.com%2Fblog%2Farchives%2F2024%2F09%2Fclever-social-engineering-attack-using-captchas.html",
"rss"
]
],
"content": "Clever Social Engineering Attack Using Captchas\n\nhttps://isc.sans.edu/diary/rss/31282\n is really interesting.\nIt’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line.\nClever.\n\n\nhttps://www.schneier.com/blog/archives/2024/09/clever-social-engineering-attack-using-captchas.html",
"sig": "f1c6ade15a1df37a8b3009acf08608b5d4664c25b496d0d4b32936c9e5ae5f141585120f953419d0f3b3f2dda9a40729dc5a6034f0bba9bd562071552ca92867"
}