Amatera Infostealer Campaign Uses Fake CAPTCHA and App-V Scripts

Amatera Infostealer Campaign Uses Fake CAPTCHA and App-V Scripts

First seen 28 Jan 2026, 02:54 UTC BleepingcomputerScworld 85% similarity 53.7

Article Content

Browse articles
ThreatCluster

A new campaign is distributing the Amatera infostealing malware by employing a fake CAPTCHA method alongside a signed Microsoft Application Virtualization (App-V) script. This attack utilizes legitimate Microsoft components to mask its malicious activities, tricking users into executing harmful commands on their systems.

ThreatCluster AI

Community

Browse all →