Once users click the “I am not a robot” checkbox, a malicious PowerShell command is copied to their clipboard, which could ultimately execute a harmful script. This campaign appears to be targeting Ukrainian government officials; however, CERT-UA warns that similar techniques could spread to other regions or be used by different threat actors.
The attack relies on multiple steps that involve users pressing key combinations and commands, which trigger the malware installation. To mitigate risks, CERT-UA advises users to avoid interacting with suspicious links and remain vigilant, especially with unusual prompts to perform multiple manual steps.
For those affected by such attacks, CERT-UA and cybersecurity agencies recommend immediate incident response actions, such as disconnecting infected devices, resetting passwords, reinstalling the operating system, and updating antivirus software.
Source: Forbes
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.