The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer and Vidar Stealer.
ClearFake, first highlighted in July 2023, is the name given to a threat activity cluster that employs fake web browser update baits on compromised WordPress as a malware distribution vector.
The



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/03/clearfake-infects-9300-sites-uses-fake.html