Malware makers start using CAPTCHAs to avoid detection

Posted on Thursday, June 18 2020 @ 14:10 CEST by Thomas De Maesschalck

ARS Technica reports malware makers have started using CAPTCHAs. Microsoft reports on its Security Intelligence twitter handle that it discovered an attack group that's distributing a malicious Excel file on a website that requires users to complete a CAPTCHA. The reason is pretty simple; to prevent security researchers from using automated analysis tools.

Requiring the successful completion of a CAPTCHA means analysis will only happen when a live human being downloads the sample. Without the automation, the chances of the malicious file flying under the radar are much better. Microsoft has dubbed Chimborazo’s ongoing attack campaign Dudear.

CHIMBORAZO, the group behind Dudear campaigns that deploy the info-stealing Trojan GraceWire, evolved their methods once again in constant pursuit of detection evasion. The group is now using websites with CAPTCHA to avoid automated analysis. pic.twitter.com/Kz3cdwYDd7
— Microsoft Security Intelligence (@MsftSecIntel) June 17, 2020

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!