🧑‍💻 Hackers weaponize CAPTCHA — millions lost as Lumma Stealer spreads worldwide

Cybersecurity researchers have raised an alarm about a new online scam that is tricking thousands of internet users. Hackers are now using fake CAPTCHA verification screens to spread a dangerous malware called Lumma Stealer. This program secretly steals passwords, drains cryptocurrency wallets, and collects other private information without the victim knowing.

The scam works by showing what looks like a normal “I’m not a robot” CAPTCHA box. Many people are used to seeing these checks on websites, so they do not suspect anything unusual. However, once a person clicks on the box, they may see an error message that tells them their internet is unstable. The message then asks them to follow certain steps to fix the problem. Instead of solving anything, those steps quietly install malware that takes control of the device.

Researchers say this trick is very effective. A recent study showed that more than 17% of people who saw the fake CAPTCHA interacted with it. This is considered a high success rate for cybercriminal attacks, which usually rely on only a small number of victims falling for the trap.

Lumma Stealer: A Malware-as-a-Service

Lumma Stealer is not a new threat, but it has become one of the most dangerous malware strains on the internet. It is sold as a subscription service to criminals. For as little as $250 per month, hackers can use the malware to attack victims worldwide. This low cost makes it attractive to many cybercriminals, who often earn far more than they spend by stealing data and digital money.

In the past year, Lumma Stealer has been linked to losses of more than $36 million. Authorities have tried to stop it by shutting down thousands of websites that host the malware. Even so, the program keeps coming back in new forms. Security experts warn that the malware has been updated many times, especially since May 2025. These updates make it smarter at avoiding antivirus programs and other security defenses.

The features of Lumma Stealer make it especially dangerous. Once installed, it can:

  • Steal usernames and passwords saved in web browsers
  • Break through certain two-factor authentication systems
  • Drain cryptocurrency wallets directly from the device
  • Collect financial records, personal details, and other private files

Because the malware works in the background, many victims do not notice until their accounts are emptied or their digital wallets are hacked. This makes the attack especially harmful for people who use their computers or phones for banking and crypto trading.

A Growing Risk for Crypto Users

While anyone can become a target of Lumma Stealer, cryptocurrency investors are at even greater risk. The malware has the ability to capture authentication tokens and wallet details stored in browsers. With this information, hackers can move coins or tokens in just a few seconds. Since cryptocurrency transactions cannot be reversed, the stolen funds are almost impossible to recover.

Security experts strongly advise people who own digital assets to follow safer practices. One common tip is to separate wallets based on their use. For example, it is safer to keep one wallet for regular trading, another for savings, and a different one for decentralized finance (DeFi) activities. This way, even if one wallet is compromised, the rest remain protected.

Another important step is the use of cold wallets, which store cryptocurrency offline. Because they are not connected to the internet, cold wallets are much harder for hackers to reach. Online or “hot” wallets are convenient but carry higher risks.

Experts also warn against saving passwords and wallet keys in browsers. Many people store login details this way for convenience, but malware like Lumma Stealer is designed to scan and steal such data instantly. Instead, users should rely on secure password managers or write down recovery phrases in a safe offline location.

The rise of this attack shows how cybercriminals are becoming more creative in finding ways to trick people. Staying alert and practicing safer online habits remain the best defenses.

Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.
