Security News
This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever.
A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account...
Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One...
Companies are losing revenue in the fight against malicious bot attacks, according to survey by Kasada. Despite spending millions of dollars on traditional bot management solutions, companies are still financially impacted by bot attacks.
Abstract: For nearly two decades, CAPTCHAS have been widely used as a means of protection against bots. Throughout the years, as their use grew, techniques to defeat or bypass CAPTCHAS have continued to improve.
Tired of those annoying CAPTCHA images that leave you feeling like you're solving a puzzle just to log in online? Learn how to use Apple's "CAPTCHA killer" feature called Automatic Verification in iOS 16. CAPTCHAs can be quite annoying when you just want to try to create a new account or log in to a website.
"Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this market demand have been created," Trend Micro said in a report published last week. "These CAPTCHA-solving services don't use techniques or advanced machine learning methods; instead, they break CAPTCHAs by farming out CAPTCHA-breaking tasks to actual human solvers."
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "Primarily targets cloud platforms offering limited-time trials of cloud resources in order to perform their crypto mining operations," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. PURPLEURCHIN first came to light in October 2022 when Sysdig disclosed that the adversary created as many as 30 GitHub accounts, 2,000 Heroku accounts, and 900 Buddy accounts to scale its operation.
According to Palo Alto Networks Unit 42, the threat actors use a new CAPTCHA solving system, follow a more aggressive use of CPU resources for mining, and mixe 'freejacking' with the "Play and Run" technique to abuse free cloud resources. Whereas Sysdig identified 3,200 malicious accounts belonging to 'PurpleUrchin,' Unit 42 now reports that the threat actor has created and used over 130,000 accounts on the platforms since August 2019, when the first signs of its activities can be traced.
