Google recently warned of attacks via a rogue captcha. This attempts to get Internet users to download a rogue DLL file. This malware then installs a backdoor.
The malicious file is named iamnotarobot. When installed, the attackers have access to the infected computer. According to Google, malicious actors have carried out several variants of these attacks in recent years.
The tech company believes the group Coldriver is responsible for these attacks. The group is said to be backed by the Russian government. The hackers target NGOs, policy advisers and dissidents.
This group is also believed to be behind multiple targeted phishing attacks. Google suspects that Coldriver is now using rogue captchas to gather additional information about targets previously compromised via phishing. The underlying pages and domain names appear to be sources of information of interest to the victims.
Click here for Google's message.
