Fake Cloudflare CAPTCHAs Spread Infiniti Stealer Pages Malware

The Infiniti Stealer malware utilizes a randomized execution delay, a tactic designed to circumvent automated detection systems. This behavior is part of a broader campaign where fake Cloudflare CAPTCHA pages are used to spread the malware, as detailed in a recent report.

If you suspect you may have been affected, take these steps immediately:

• Stop using the device for sensitive activity including banking, email, and work accounts
• Change passwords from a clean device, starting with email, Apple ID, and banking credentials
• Revoke active sessions and invalidate any API tokens or SSH keys
• Look for any unusual files placed in /tmp and ~/Library/LaunchAgents/
• Run a full security scan to detect and remove any remaining malware

No legitimate CAPTCHA page will ever ask you to open Terminal and run a command. If a website instructs you to do this, close it immediately.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.