Elastic Security Labs discovered a new Rust-based infostealer called EddieStealer, which tricks users with fake CAPTCHA pages to steal credentials.
EddieStealer spreads through deceptive CAPTCHA interfaces on adversary-controlled domains; the interfaces are made to appear authentic in order to fool users.
The malware uses a complex infection mechanism involving obfuscated JavaScript payloads and PowerShell commands to download and execute malicious scripts.
To hinder analysis and detection, EddieStealer uses obfuscation techniques and sandbox evasion, and it has data exfiltration capabilities that target sensitive information.