www.mcafee.com Open in urlscan Pro
104.102.55.193  Public Scan

Submitted URL: http://mcafee.com/blogs/other-blogs/mcafee-labs/behind-the-captcha-a-clever-gateway-of-malware/
Effective URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/behind-the-captcha-a-clever-gateway-of-malware/
Submission: On September 23 via api from DE — Scanned from DE

Form analysis 4 forms found in the DOM

https://www.mcafee.com/blogs

<form class="desktop-search-form-v2" action="https://www.mcafee.com/blogs">
  <div><span class="search_icon_desktop"> <img src="/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/search_icon_black.svg" alt="search grey icon"> </span></div>
  <div class="desktop-search-div"><input class="dsk-search" autocomplete="off" name="s" type="text" placeholder="Search"></div>
</form>

https://www.mcafee.com/blogs

<form class="desktop-search-form" style="display: none;" action="https://www.mcafee.com/blogs">
  <div class="desktop-search-div"><input class="dsk-search" autocomplete="off" name="s" type="text" placeholder="Type and hit enter..."></div>
  <div><span class="close_icon_desktop"> <img src="https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/cross-grey-icon.svg" alt="close grey icon"> </span></div>
</form>

https://www.mcafee.com/blogs

<form class="form-inline my-2 my-lg-0" action="https://www.mcafee.com/blogs">
  <div class="input-group mb-3 search-div">
    <div class="input-group-append"><button class="sarch-btn" type="button"><span class="fa fa-search" title="Type and hit enter..."><span style="display: none;">.</span></span> </button>
    </div>
  </div>
</form>

https://www.mcafee.com/blogs

<form action="https://www.mcafee.com/blogs" class="desktop-search-form" style="display: none;">
  <div class="desktop-search-div">
    <input class="dsk-search" name="s" type="text" placeholder="Type and hit enter..." autocomplete="off">
  </div>
  <div><span class="close_icon_desktop">
      <img src="https://www.mcafee.com/blogs/wp-content/themes/securingtomorrow-brillio/img/new-icons/cross-grey-icon.svg" alt="close grey icon">
    </span>
  </div>
</form>

Text Content

 * Products
   
    * All-In-One Protection
      
      * NEW
        McAfee+ Individual Plans
        
        Complete privacy, identity and device protection for individuals.
      
      * NEW
        McAfee+ Family Plans
        
        Complete privacy, identity and device protection for up to 6 family
        members.
   
    * Other Products & Services
      
      * Antivirus
      * Scam Protection
      * Virtual Private Network (VPN)
      * Mobile Security
      * PC Optimizer
      * TechMaster Concierge
      * McAfee Assist
   
    * Free Tools & Downloads
      
      * Web Protection
      * Free Antivirus Trial
      * Device Security Scan
      * Password Generator

 * Features
   
    * Keep Me Private Online
      
      * Personal Data Cleanup
      * Online Account Cleanup
      * VPN (Virtual Private Network)
      * Social Privacy Manager
   
    * Safeguard My Identity
      
      * Identity Monitoring
      * Credit Monitoring
      * Security Freeze
      * Identity Theft Coverage & Restoration
      * Password Manager
   
    * Protect My Devices
      
      * Antivirus
      * Scam Protection
      * Web Protection
   
    * Protect My Family
      
      * Protection Score
      * Parental Controls
      * Family Plans

 * Resources
   
    * Stay Updated
      
      * McAfee Blog
      * Reports and Guides
      * McAfee on YouTube
      * Prevent Spam and Phishing
   
    * Learn More
      
      * Learn at McAfee
      * What is Antivirus?
      * What is a VPN?
      * What is Identity Theft?
   
    * Press & News
      
      * McAfee Newsroom
      * AI News & Scams

 * About Us
   
    * Our Company
      
      * Company Overview
      * Awards & Reviews
      * Investors
   
    * Our Efforts
      
      * Inclusion & Diversity
      * Integrity & Ethics
      * Public Policy
   
    * Join Us
      
      * Careers
      * Life at McAfee
      * Our Teams
      * Our Locations

 * Why McAfee

Products

All-In-One Protection

NEW McAfee+ Individual Plans

Complete privacy, identity and device protection for individuals.

NEW McAfee+ Family Plans

Complete privacy, identity and device protection for up to 6 family members.

Other Products & Services

Antivirus

Scam Protection

Virtual Private Network (VPN)

Mobile Security

PC Optimizer

TechMaster Concierge

McAfee Assist

Free Tools & Downloads

Web Protection

Free Antivirus Trial

Device Security Scan

Password Generator

Features

Keep Me Private Online

Personal Data Cleanup

Online Account Cleanup

VPN (Virtual Private Network)

Social Privacy Manager

Safeguard My Identity

Identity Monitoring

Credit Monitoring

Security Freeze

Identity Theft Coverage & Restoration

Password Manager

Protect My Devices

Antivirus

Scam Protection

Web Protection

Protect My Family

Protection Score

Parental Controls

Family Plans

Resources

Stay Updated

McAfee Blog

Reports and Guides

McAfee on YouTube

Prevent Spam and Phishing

Learn More

Learn at McAfee

What is Antivirus?

What is a VPN?

What is Identity Theft?

Press & News

McAfee Newsroom

AI News & Scams

About Us

Our Company

Company Overview

Awards & Reviews

Investors

Our Efforts

Inclusion & Diversity

Integrity & Ethics

Public Policy

Join Us

Careers

Life at McAfee

Our Teams

Our Locations

Why McAfee
Support

Help

Customer Support

Support Community

FAQs

Contact Us

Activation

Activate Retail Card

Region

Asia Pacific

Australia - English

New Zealand - English

Singapore - English

Malaysia - English

Philippines - English

India - English

대한민국 - 한국어

日本 - 日本語

中国 - 简体中文

香港特別行政區 - 繁體中文

台灣 - 繁體中文

Europe

Česká Republika - Čeština

Danmark - Dansk

Suomi - Suomi

France - Français

Deutschland - Deutsch

Ελλάδα - Ελληνικά

Ireland - English

Magyarország - Magyar

ישראל - עברית

Italia - Italiano

Nederland - Nederlands

Norge - Bokmål

Polska - Polski

Portugal - Português

Россия - Русский

España - Español

Sverige - Svenska

Suisse - Français

Schweiz - Deutsch

Türkiye - Türkçe

العربية - العربية

United Kingdom - English

North America

United States - English

Canada - English

Canada - Français

South America

Argentina - Español

Brasil - Português

Chile - Español

Colombia - Español

México - Español

Perú - Español

Sign in
 * Support
   
    * Help
      
      * Customer Support
      * Support Community
      * FAQs
      * Contact Us
   
    * Activation
      
      * Activate Retail Card

 *  * Asia Pacific
      
      * Australia-English
      * New Zealand-English
      * Singapore-English
      * Malaysia-English
      * Philippines-English
      * India-English
      * 대한민국-한국어
      * 日本-日本語
      * 中国-简体中文
      * 香港特別行政區-繁體中文
      * 台灣-繁體中文
   
    * Europe
      
      * Česká Republika-Čeština
      * Danmark-Dansk
      * Suomi-Suomi
      * France-Français
      * Deutschland-Deutsch
      * Ελλάδα-Ελληνικά
      * Ireland-English
      * Magyarország-Magyar
      * ישראל-עברית
      * Italia-Italiano
      * Nederland-Nederlands
   
    *  
      
      * Norge-Bokmål
      * Polska-Polski
      * Portugal-Português
      * Россия-Русский
      * España-Español
      * Sverige-Svenska
      * Suisse-Français
      * Schweiz-Deutsch
      * Türkiye-Türkçe
      * العربية-العربية
      * United Kingdom-English
   
    * North America
      
      * United States-English
      * Canada-English
      * Canada-Français
   
    * South America
      
      * Argentina-Español
      * Brasil-Português
      * Chile-Español
      * Colombia-Español
      * México-Español
      * Perú-Español

 * Sign in


 * 
 * Blog
 * Topics
   How To Guides and Tutorials Internet Security Mobile Security Family Safety
   Privacy & Identity Protection Security News
 * At McAfee
   McAfee News Executive Perspectives McAfee Labs Life at McAfee Hackable?
   Podcast


 * English
   * Portuguese (BR)
   * Spanish
   * French(FR)
   * German
   * Italian
   * Japanese
   * French(CA)
   * Portuguese (PT)
   * Spanish (MX)
   * Dutch


   
 * 
   
 * Blog
 * Topics
   How To Guides and Tutorials Internet Security Mobile Security Family Safety
   Privacy & Identity Protection Security News
 * At McAfee
   McAfee News Executive Perspectives McAfee Labs Life at McAfee Hackable?
   Podcast
   

 * .
 * Portuguese (BR) Spanish French(FR) German Italian Japanese French(CA)
   Portuguese (PT) Spanish (MX) Dutch



Blog Other Blogs McAfee Labs Behind the CAPTCHA: A Clever Gateway of Malware


BEHIND THE CAPTCHA: A CLEVER GATEWAY OF MALWARE



McAfee Labs

Sep 20, 2024

8 MIN READ

Authored by Yashvi Shah and Aayush Tyagi


EXECUTIVE SUMMARY

McAfee Labs recently observed an infection chain where fake CAPTCHA pages are
being leveraged to distribute malware, specifically Lumma Stealer. We are
observing a campaign targeting multiple countries. Below is a map showing the
geolocation of devices accessing fake CAPTCHA URLs, highlighting the global
distribution of the attack.





Figure 1: Prevalence on the field

We identified two infection vectors leading users to these fake CAPTCHA pages:
one via cracked game download URLs, and the other through phishing emails.
GitHub users have been targeted by phishing emails prompting them to address a
fictitious “security vulnerability” in a project repository to which they have
contributed or subscribed. These emails direct users to visit
“github-scanner[.]com” for further information about the alleged security issue.

The ClickFix infection chain operates by deceiving users into clicking on
buttons like “Verify you are a human” or “I am not a robot.” Once clicked, a
malicious script is copied to the user’s clipboard. Users are then misled into
pasting the script after pressing the Windows key + R, unknowingly executing the
malware. This method of trickery facilitates the infection process, making it
easy for attackers to deploy malware.





Figure 2: Infection chain


ATTACK VECTORS AND TECHNICAL ANALYSIS

As illustrated in the diagram, users are redirected to fake CAPTCHA pages
through two main attack vectors:


1.     CRACKED GAMING SOFTWARE DOWNLOAD URLS:

Users attempting to download pirated or cracked versions of gaming software are
redirected to malicious CAPTCHA pages.





Figure 3: Search to download the cracked version of the game

When users search the Internet for free or cracked versions of popular video
games, they may encounter online forums, community posts, or public repositories
that redirect them to malicious links.





Figure 4: Runkit directing the user to download the game

In this instance, a public Runkit notebook hosts the malicious link (highlighted
in blue). When the user accesses the URL (highlighted in red), they are
redirected to fake CAPTCHA websites.





Figure 5: Redirection happening while accessing the link

On this page, after the user clicks the “I’m not a robot” button, a malicious
PowerShell script is copied to their clipboard, and they are prompted to execute
it.





Figure 6: Backend script on the click button

The website includes JavaScript functionality that copies the script to the
clipboard.





Figure 7: Decoded script

The script is Base64-encoded (highlighted in blue), to reduce the readability to
the user. Upon decoding it (highlighted in red), mshta was found to be
leveraged. The file hosted at https://verif.dlvideosfre[.]click/2ndhsoru
contains a Windows binary, having scripts appended as the overlay. Without the
overlay appended, the file is a clean Windows binary.





Figure 8: Windows binary with appended script

The mshta utility searches for the <script> tag within a file and executes the
script embedded in it, completely ignoring the binary portion of the file. This
allows attackers to embed malicious scripts alongside non-executable content,
making it easier for the malware to go undetected while still being executed
through mshta.





Figure 9: Obfuscated script appended in the downloaded file

Upon analysis, the script was found to be an encrypted JavaScript file,
utilizing two layers of encryption. This multi-level encryption obscures the
script’s true functionality, making detection and analysis more challenging for
security tools. Further analysis revealed that the decrypted JavaScript was
designed to download Lumma Stealer using AES-encrypted PowerShell command and
drop it in the Temp folder. This technique helps the malware avoid detection by
placing the payload in a commonly used, less scrutinized directory, facilitating
the next stage of the infection.





Figure 10: Process tree


2.     PHISHING EMAILS IMPERSONATING THE GITHUB TEAM

In the second vector, users receive phishing emails, often targeting GitHub
contributors, urging them to address a fake “security vulnerability.” These
emails contain links leading to the same fake CAPTCHA pages.





Figure 11: Phishing email impersonating GitHub

Once the user clicks on the link, they’re redirected to the fake captcha pages.





Figure 12: Fake CAPTCHA page

These pages use the same technique: the malicious script is copied to the
clipboard when the user clicks the button, and they are then prompted to execute
it.





Figure 13: Script copied onto clipboard

This script retrieves and executes the contents of a text file hosted on an
online server.





Figure 14: Invoking the remote script

The content of the text file contains PowerShell commands that download an
executable file or a zip file. These files are saved into the temp folder and
then executed. The downloaded files, in these cases, are Lumma Stealer samples.


DETECTION AND MITIGATION STRATEGIES

McAfee blocks this infection chain at multiple stages:

 1. URL blocking of the fake CAPTCHA pages.





Figure 15: McAfee blocking URLs

 2. Heuristic blocking of malicious use of mshta.





Figure 16: McAfee blocking the malicious behavior


CONCLUSION AND RECOMMENDATIONS

In conclusion, the ClickFix infection chain demonstrates how cybercriminals
exploit common user behaviors—such as downloading cracked software and
responding to phishing emails—to distribute malware like Lumma Stealer. By
leveraging fake CAPTCHA pages, attackers deceive users into executing malicious
scripts that bypass detection, ultimately leading to malware installation.

The infection chain operates through two main vectors: cracked gaming software
download URLs and phishing emails impersonating GitHub. In both cases, users are
redirected to malicious CAPTCHA pages where scripts are executed to download and
install malware. The use of multi-layered encryption further complicates
detection and analysis, making these attacks more sophisticated and harder to
prevent.

At McAfee Labs, we are committed to helping organizations protect themselves
against sophisticated cyber threats, such as the Clickfix social engineering
technique. Here are our recommended mitigations and remediations:

 1.  Conduct regular training sessions to educate users about social engineering
     tactics and phishing schemes.
 2.  Install and maintain updated antivirus and anti-malware software on all
     endpoints.
 3.  Implement robust email filtering to block phishing emails and malicious
     attachments.
 4.  Use network segmentation to limit the spread of malware within the
     organization.
 5.  Ensure all operating systems, software, and applications are kept up to
     date with the latest security patches.
 6.  Avoid downloading cracked software or visiting suspicious websites.
 7.  Verify URLs in emails, especially from unknown or unexpected sources.
 8.  Restrict clipboard-based scripts and disable automatic script execution.
 9.  Keep antivirus solutions updated and actively scan.
 10. Educate users to avoid suspicious CAPTCHA prompts on untrusted sites.
 11. Regularly patch browsers, operating systems, and applications.
 12. Monitor the Temp folder for unusual or suspicious files.


INDICATORS OF COMPROMISE (IOCS)

File Type SHA256/URLs  



 

Fake Captcha Websites URL Ofsetvideofre[.]click/ URL
Newvideozones[.]click/veri[.]html URL
Clickthistogo[.]com/go/67fe87ca-a2d4-48ae-9352-c5453156df67?var_3=F60A0050-6F56-11EF-AA98-FFC33B7D3D59
URL Downloadstep[.]com/go/08a742f2-0a36-4a00-a979-885700e3028c URL
Betterdirectit[.]com/ URL



URL

Betterdirectit[.]com/go/67fe87ca-a2d4-48ae-9352-c5453156df67



heroic-genie-2b372e[.]netlify[.]app/please-verify-z[.]html

URL Downloadstep[.]com/go/79553157-f8b8-440b-ae81-0d81d8fa17c4 URL
Downloadsbeta[.]com/go/08a742f2-0a36-4a00-a979-885700e3028c URL
Streamingsplays[.]com/go/6754805d-41c5-46b7-929f-6655b02fce2c URL
Streamingsplays[.]com/go/b11f973d-01d4-4a5b-8af3-139daaa5443f URL
Streamingszone[.]com/go/b3ddd860-89c0-448c-937d-acf02f7a766f?c=AOsl62afSQUAEX4CAEJPFwASAAAAAABQ
URL Streamingsplays[.]com/go/1c406539-b787-4493-a61b-f4ea31ffbd56 URL
github-scanner[.]shop/ URL github-scanner[.]com/ URL
botcheck.b-cdn[.]net/captcha-verify-v7.html

 

  Redirecting Websites URL Rungamepc[.]ru/?load=Black-Myth-Wukong-crack URL
game02-com[.]ru/?load=Cities-Skylines-2-Crack-Setup URL
Rungamepc[.]ru/?load=Dragons-Dogma-2-Crack URL
Rungamepc[.]ru/?load=Dying-Light-2-Crack URL
Rungamepc[.]ru/?load=Monster-Hunter-Rise-Crack

 

  Websites Containing Malicious URLs URL
Runkit[.]com/wukong/black-myth-wukong-crack-pc URL
Runkit[.]com/skylinespc/cities-skylines-ii-crack-pc-full-setup URL
Runkit[.]com/masterposte/dying-light-2-crack-on-pc-denuvo-fix URL
Runkit[.]com/dz4583276/monster-hunter-rise-crack-codex-pc/1.0.0/clone URL
Groups[.]google[.]com/g/hogwarts-legacy-crack-empress URL
By[.]tribuna[.]com/extreme/blogs/3143511-black-myth-wukong-full-unlock/

 

  Malware Samples PS
b6a016ef240d94f86e20339c0093a8fa377767094276730acd96d878e0e1d624 PS
cc29f33c1450e19b9632ec768ad4c8c6adbf35adaa3e1de5e19b2213d5cc9a54 ZIP
632816db4e3642c8f0950250180dfffe3d37dca7219492f9557faf0ed78ced7c ZIP
19d04a09e2b691f4fb3c2111d308dcfa2651328dfddef701d86c726dce4a334a EXE
d737637ee5f121d11a6f3295bf0d51b06218812b5ec04fe9ea484921e905a207 EXE
bbf7154f14d736f0c8491fb9fb44d2f179cdb02d34ab54c04466fa0702ea7d55 HTA
fa58022d69ca123cbc1bef13467d6853b2d55b12563afdbb81fc64b0d8a1d511

 

INTRODUCING MCAFEE+

Keep personal info private, avoid scams, and protect yourself with AI-powered
technology.

Download McAfee+ Now



Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer
and mobile security threats.


McAfee Labs Threat Research Team

McAfee Labs is one of the leading sources for threat research, threat
intelligence, and cybersecurity thought leadership. See our blog posts below for
more information.


MORE FROM MCAFEE LABS

Previous

FROM SPAM TO ASYNCRAT: TRACKING THE SURGE IN NON-PE CYBER THREATS

Authored by Yashvi Shah and Preksha Saxena AsyncRAT, also known as “Asynchronous
Remote Access Trojan,” represents a...

May 08, 2024   |   10 MIN READ

THE DARKGATE MENACE: LEVERAGING AUTOHOTKEY & ATTEMPT TO EVADE SMARTSCREEN

Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has
recently uncovered a novel infection...

Apr 29, 2024   |   13 MIN READ

REDLINE STEALER: A NOVEL APPROACH

Authored by Mohansundaram M and Neil Tyagi A new packed variant of the Redline
Stealer trojan was...

Apr 17, 2024   |   10 MIN READ

DISTINCTIVE CAMPAIGN EVOLUTION OF PIKABOT MALWARE

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor
that has been active since early...

Apr 02, 2024   |   10 MIN READ

CRACKED SOFTWARE OR CYBER TRAP? THE RISING DANGER OF ASYNCRAT MALWARE

Authored by Neil Tyagi In cybersecurity, threats constantly evolve, and new ways
to exploit unsuspecting users are...

Sep 19, 2024   |   14 MIN READ

NEW ANDROID SPYAGENT CAMPAIGN STEALS CRYPTO CREDENTIALS VIA IMAGE RECOGNITION

Authored by SangRyol Ryu Recently, McAfee’s Mobile Research Team uncovered a new
type of mobile malware that...

Sep 05, 2024   |   10 MIN READ

THE SCAM STRIKES BACK: EXPLOITING THE CROWDSTRIKE OUTAGE

Authored by Lakshya Mathur, Vallabh Chole & Abhishek Karnik Recently we
witnessed one of the most significant...

Jul 30, 2024   |   5 MIN READ

OLYMPICS HAS FALLEN – A MISINFORMATION CAMPAIGN FEATURING A VOICE CLONED ELON
MUSK

Authored by Lakshya Mathur and Abhishek Karnik As the world gears up for the
2024 Paris Olympics,...

Jul 26, 2024   |   6 MIN READ

CLICKFIX DECEPTION: A SOCIAL ENGINEERING TACTIC TO DEPLOY MALWARE

Authored by Yashvi Shah and Vignesh Dhatchanamoorthy McAfee Labs has discovered
a highly unusual method of malware...

Jul 11, 2024   |   9 MIN READ

QUALITY OVER QUANTITY: THE COUNTER-INTUITIVE GENAI KEY

It’s been almost two years since OpenAI launched ChatGPT, driving increased
mainstream awareness of and access to...

Jun 28, 2024   |   3 MIN READ

FAKE BAHRAIN GOVERNMENT ANDROID APP STEALS PERSONAL DATA USED FOR FINANCIAL
FRAUD

Authored by Dexter Shin Many government agencies provide their services online
for the convenience of their citizens....

May 31, 2024   |   7 MIN READ

HOW SCAMMERS HIJACK YOUR INSTAGRAM

Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user
base and dynamic platform, has become...

May 14, 2024   |   6 MIN READ

FROM SPAM TO ASYNCRAT: TRACKING THE SURGE IN NON-PE CYBER THREATS

Authored by Yashvi Shah and Preksha Saxena AsyncRAT, also known as “Asynchronous
Remote Access Trojan,” represents a...

May 08, 2024   |   10 MIN READ

THE DARKGATE MENACE: LEVERAGING AUTOHOTKEY & ATTEMPT TO EVADE SMARTSCREEN

Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has
recently uncovered a novel infection...

Apr 29, 2024   |   13 MIN READ

REDLINE STEALER: A NOVEL APPROACH

Authored by Mohansundaram M and Neil Tyagi A new packed variant of the Redline
Stealer trojan was...

Apr 17, 2024   |   10 MIN READ

DISTINCTIVE CAMPAIGN EVOLUTION OF PIKABOT MALWARE

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor
that has been active since early...

Apr 02, 2024   |   10 MIN READ

CRACKED SOFTWARE OR CYBER TRAP? THE RISING DANGER OF ASYNCRAT MALWARE

Authored by Neil Tyagi In cybersecurity, threats constantly evolve, and new ways
to exploit unsuspecting users are...

Sep 19, 2024   |   14 MIN READ

NEW ANDROID SPYAGENT CAMPAIGN STEALS CRYPTO CREDENTIALS VIA IMAGE RECOGNITION

Authored by SangRyol Ryu Recently, McAfee’s Mobile Research Team uncovered a new
type of mobile malware that...

Sep 05, 2024   |   10 MIN READ

THE SCAM STRIKES BACK: EXPLOITING THE CROWDSTRIKE OUTAGE

Authored by Lakshya Mathur, Vallabh Chole & Abhishek Karnik Recently we
witnessed one of the most significant...

Jul 30, 2024   |   5 MIN READ

OLYMPICS HAS FALLEN – A MISINFORMATION CAMPAIGN FEATURING A VOICE CLONED ELON
MUSK

Authored by Lakshya Mathur and Abhishek Karnik As the world gears up for the
2024 Paris Olympics,...

Jul 26, 2024   |   6 MIN READ

CLICKFIX DECEPTION: A SOCIAL ENGINEERING TACTIC TO DEPLOY MALWARE

Authored by Yashvi Shah and Vignesh Dhatchanamoorthy McAfee Labs has discovered
a highly unusual method of malware...

Jul 11, 2024   |   9 MIN READ

QUALITY OVER QUANTITY: THE COUNTER-INTUITIVE GENAI KEY

It’s been almost two years since OpenAI launched ChatGPT, driving increased
mainstream awareness of and access to...

Jun 28, 2024   |   3 MIN READ

FAKE BAHRAIN GOVERNMENT ANDROID APP STEALS PERSONAL DATA USED FOR FINANCIAL
FRAUD

Authored by Dexter Shin Many government agencies provide their services online
for the convenience of their citizens....

May 31, 2024   |   7 MIN READ

HOW SCAMMERS HIJACK YOUR INSTAGRAM

Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user
base and dynamic platform, has become...

May 14, 2024   |   6 MIN READ

FROM SPAM TO ASYNCRAT: TRACKING THE SURGE IN NON-PE CYBER THREATS

Authored by Yashvi Shah and Preksha Saxena AsyncRAT, also known as “Asynchronous
Remote Access Trojan,” represents a...

May 08, 2024   |   10 MIN READ

THE DARKGATE MENACE: LEVERAGING AUTOHOTKEY & ATTEMPT TO EVADE SMARTSCREEN

Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has
recently uncovered a novel infection...

Apr 29, 2024   |   13 MIN READ

REDLINE STEALER: A NOVEL APPROACH

Authored by Mohansundaram M and Neil Tyagi A new packed variant of the Redline
Stealer trojan was...

Apr 17, 2024   |   10 MIN READ

DISTINCTIVE CAMPAIGN EVOLUTION OF PIKABOT MALWARE

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor
that has been active since early...

Apr 02, 2024   |   10 MIN READ

Next
 * 1
 * 2
 * 3

Back to top
 *  
 * 
 * 
 * 
 * 

--------------------------------------------------------------------------------


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Products

McAfee+™ Individual
McAfee+™ Family
McAfee® Total Protection
McAfee® Antivirus
McAfee® Safe Connect
McAfee® PC Optimizer
McAfee® TechMaster
McAfee® Mobile Security


Resources

Antivirus
Free Downloads
Parental Controls
Malware
Firewall
Blogs
Activate Retail Card
McAfee Labs


Support

Customer Service
FAQs
Renewals
Support
Community


About

About McAfee
Careers
Contact Us
Newsroom
Investors
Legal Terms
Your Privacy Choices
System Requirements
Sitemap

--------------------------------------------------------------------------------

  United States / English Copyright © 2024 McAfee, LLC
Copyright © 2024 McAfee, LLC
United States / English






Feedback