New type of scam: fake captchas

🤔 Fraudsters have come up with a cunning way to deceive using fake Cloudflare captchas. Now, instead of the usual "I'm not a robot" confirmation, you can inadvertently agree to download a malicious file.

⚠️ How does the attack happen?

1️⃣ You go to the site and see a familiar captcha.

2️⃣ When you click on it, the file (.exe or other malicious script) is automatically downloaded.

3️⃣ Malicious code is inserted into the clipboard.

4️⃣ "Verification instructions" appear on the screen, asking you to enter a code or press a key combination.

5️⃣ After this, the wallet drainage begins - the attackers gain access to your assets.

💻 Who is at risk?

🔴 Windows is the most vulnerable system to such attacks.

🟡 MacOS is safer for now, but there are still risks.