Kaspersky detected a number of infections in Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt.
Utilizing CAPTCHA as a throw-off
So as to add legitimacy to their operation and decrease person suspicion, the attackers embedded pretend CAPTCHA challenges twice within the assault chain. The primary seems when a person clicks the “Strive now” button on the malicious DeepSeek obtain web site, triggering a decoy CAPTCHA mimicking customary verification.
Apparently, the CAPTCHA code does confirm if the person is a human. “Clicking this button will take the person to a CAPTCHA anti-bot display,” researchers famous. “The code for this display is obfuscated JavaScript, which performs a sequence of checks to ensure that the person just isn’t a bot.”
