Hackers Hide Banking Malware within a Fake Google reCAPTCHA

BFSI News

A well-known Polish bank was recently targeted in a phishing attack, according to website security platform Sucuri. The bank was not named. The attackers placed a malicious file in a fake Google reCAPTCHA to lure victims into downloading banking malware.

Describing the incident, Sucuri said the phishing campaign combined impersonation and panic/bait techniques in an email to push unwary users into downloading the malware. Impersonation phishing involves pretending to be a popular brand or product through specially crafted content such as emails, SMS, or social media networks. To make the messages more enticing, they may even include a victim’s personal details such as name, email address, or account number. The panic/bait technique elaborates on a fake situation to create a sense of urgency or panic in the victim, who then clicks a link without realizing it helps the attacker break in.

Sucuri warned that bank users receiving this campaign would likely be alarmed by an email asking them to confirm whether an unknown transaction took place. The approach was unusual, not something typically seen in a phishing attack. A typical phishing attack often consists of a PHP mailer and the file(s) used to construct the phishing page itself, which in most cases is an exact replica of the targeted institution’s login page.

This incident, however, featured a PHP file that serves a fake 404 error page to visitors with specifically defined user-agents.
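User-agent filtering of this kind leaves a trace in web server access logs: the same script answers "not found" for some clients and serves content to others. The following is an added detection example, not code from Sucuri's report or from this article; it assumes the fake error page is logged with HTTP status 404, and the log lines, paths and user-agent names are constructed.

```python
import re
from collections import defaultdict

# Constructed access-log lines in "combined" format; paths, IPs and
# user-agent names are made up for illustration.
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jan/2024:10:01:02 +0000] "GET /docs/confirm.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/72.0"
203.0.113.11 - - [01/Jan/2024:10:02:10 +0000] "GET /docs/confirm.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Linux; Android 9) Chrome/72.0 Mobile"
198.51.100.7 - - [01/Jan/2024:10:03:44 +0000] "GET /docs/confirm.php HTTP/1.1" 404 310 "-" "ExampleCrawler/1.0"
198.51.100.8 - - [01/Jan/2024:10:04:05 +0000] "GET /docs/confirm.php HTTP/1.1" 404 310 "-" "ExampleScanner/2.1"
203.0.113.10 - - [01/Jan/2024:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/72.0"
198.51.100.7 - - [01/Jan/2024:10:05:30 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "ExampleCrawler/1.0"
198.51.100.7 - - [01/Jan/2024:10:06:00 +0000] "GET /missing.php HTTP/1.1" 404 310 "-" "ExampleCrawler/1.0"
203.0.113.11 - - [01/Jan/2024:10:06:30 +0000] "GET /missing.php HTTP/1.1" 404 310 "-" "Mozilla/5.0 (Linux; Android 9) Chrome/72.0 Mobile"
"""

LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def find_ua_cloaking(log_text):
    """Return paths answered with 404 for some user-agents and 2xx for others."""
    seen = defaultdict(lambda: defaultdict(set))  # path -> user-agent -> statuses
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in combined format
        path = m["path"].split("?", 1)[0]  # compare per script, not per query
        seen[path][m["ua"]].add(int(m["status"]))

    findings = {}
    for path, by_ua in seen.items():
        # Assumption: the fake error page is logged with status 404.
        hidden = sorted(ua for ua, st in by_ua.items() if st == {404})
        served = sorted(ua for ua, st in by_ua.items()
                        if any(200 <= s < 300 for s in st))
        # A genuinely missing file is 404 for every client, so only a
        # split along user-agent lines is reported.
        if hidden and served:
            findings[path] = {"served": served, "hidden": hidden}
    return findings


if __name__ == "__main__":
    for path, detail in find_ua_cloaking(SAMPLE_LOG).items():
        print(path, "-> 404 only for:", ", ".join(detail["hidden"]))
```

A flagged path is a lead for manual review of the script on disk, since legitimate bot-blocking rules can produce the same split.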