Lumma Stealer is delivered through fake CAPTCHAs in a global campaign targeting various sectors, particularly telecom. Attackers use social engineering to trick victims into executing commands outside the browser, which evades security measures, and they rely on techniques such as process hollowing and PowerShell obfuscation to bypass defenses. The malware evolves continuously, which makes detection and prevention challenging. Netskope provides proactive threat detection against this campaign.
https://www.netskope.com/blog/lumma-stealer-fake-captchas-new-techniques-to-evade-detection