New attempts at deception by cyber criminals with CAPTCHAs

Anyone who surfs the Internet has probably encountered those annoying queries that ask you to prove that you are human and not a machine. Sometimes you just have to tick “I’m not a robot”, sometimes you have to select pictures of traffic lights, bicycles, cats or similar, sometimes you have to type in letters or numbers from squiggly or blurred pictures. Such elements are called CAPTCHA (for “Completely Automated Public Turing test to tell Computers and Humans Apart”).

Recently, cyber criminals have been trying to abuse this method to infect computers with malware. They display alleged CAPTCHAs on specially prepared websites that use an apparently new method to distinguish humans from machines, namely entering a certain sequence of key combinations: 1. Windows key+R, 2. CTRL key+V, 3. Enter key.

Anyone who is not an IT expert and does not know the meaning of these keys may follow these instructions and execute the malware prepared by the criminals on their websites.

The three steps given are not random key sequences, but very specific ones: Windows key+R in step 1 first opens a Run window that can be used to open programs. In step 2, CTRL+V inserts text from the clipboard (the memory used for copying and pasting, which was previously filled by the website called up) into the Execute window and finally the program that was entered in the previous step is opened by using the Enter key in step 3.

Malicious software, malware, is then downloaded from the Internet and executed on your computer. In the worst case, the attackers take over the computer completely and can read out all data, encrypt the computer or use it as a springboard for attacks on other systems in the network.

Conclusion: Be suspicious if surprising or unusual prompts appear on the Internet and you are asked to perform actions that you cannot understand or comprehend! If you are unsure, do not follow such requests. Ask someone who is more familiar with the problem - in a work environment, for example, colleagues, your local IT administrator or the IT helpdesk at your institution.

Please also pass this information on to people around you.