Beware: Fake CAPTCHA Scams Hijacking Clipboards with Malicious Commands!

KongTuke, also known as LandUpdate808, uses fake CAPTCHA pages to trick users with a ClickFix-style lure. This crafty tactic hijacks the clipboard, leading victims into running a malicious PowerShell script. Remember, folks, not all CAPTCHAs are created equal—some just want you to solve the riddle of infection!

1P
Published: November 18, 2025 7:19 amAdded: November 17, 2025 at 11:31 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew the rise of CAPTCHA could lead to the ultimate plot twist: a sinister hacker drama where clicking “I am not a robot” actually makes you the unwitting star of a botnet movie? KongTuke has turned CAPTCHA into a clickbait nightmare, leaving internet users to wonder: Is that bot-proof page actually a test of our gullibility?

Key Points:

  • KongTuke (also known as LandUpdate808 or TAG-124) is a sophisticated TDS system using fake CAPTCHA pages.
  • The campaign hijacks users’ clipboards to inject malicious PowerShell commands.
  • Infected systems download a zip containing a Python script and environment, maintaining persistence via a scheduled task.
  • Infection traffic generates HTTPS requests to telegra[.]ph, a non-malicious domain.
  • Despite detailed infection traffic analysis, the exact purpose of the malicious script remains a mystery.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?