Advertisement
An example of hacked malware was discovered when researchers detected a user downloading a cracked copy of the credential stuffing tool Sentry MBA from a Turkish-language cracking forum. Sentry MBA includes features to bypass website security controls, such as CAPTCHA challenges and web application firewalls. “Threat actors,” say researchers in the HP Wolf Security Threat Insights Report for 1H/2021 (PDF), “can either use pre-bundled optical character recognition (OCR), computer vision models, or configure the tool to query the APIs of third-party CAPTCHA-solving services during an attack.”