Fake CAPTCHAs and Phishy PDFs: The Cybercrime Comedy Show You Didn’t Ask For!

Cybersecurity researchers have uncovered a phishing campaign using fake CAPTCHA images to deliver Lumma Stealer malware. Hosted on Webflow’s CDN, these PDFs trick users into downloading malware. With 260 domains and 5,000 phishing files, attackers use SEO tactics and fake CAPTCHAs to target victims across North America, Asia, and Southern Europe.

3P
Published: February 28, 2025 2:56 pmAdded: February 28, 2025 at 7:02 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew fake CAPTCHAs could be more annoying than real ones? This phishing campaign serves up a buffet of deception, cleverly mixing SEO magic with malware trickery. It’s like a bad buffet, where everything looks appetizing but leaves you with a stomachache and a compromised computer.

Key Points:

  • Fake CAPTCHAs in PDFs on Webflow’s CDN lead to Lumma Stealer malware.
  • 5,000 phishing PDFs across 260 domains target over 7,000 users.
  • SEO manipulation tricks users into clicking malicious links.
  • Lumma Stealer logs are shared for free on a new hacking forum.
  • Phishing also uses JavaScript with invisible Unicode characters.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?