Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts

Summary

Attackers are compromising legitimate WordPress websites, including a US Senate candidate's campaign site, to distribute infostealer malware. The compromised sites present fake CAPTCHA prompts that trick users into downloading malicious software.

IFF Assessment

FOE

This attack leverages legitimate websites to distribute malware, making it harder for defenders to distinguish malicious traffic from legitimate user interactions.

Defender Context

This attack highlights the continued risk posed by compromised websites and the creative social engineering tactics employed by threat actors. Defenders should focus on securing website content management systems like WordPress, educating users about the dangers of fake CAPTCHAs, and employing robust endpoint protection to detect and block infostealer malware.
