We’ve All Clicked One Before, Now Hackers Are Creating Fake CAPTCHAs to Steal Data

One report estimates about 2,000 websites have been affected.

Save

We’ve All Clicked One Before, Now Hackers Are Creating Fake CAPTCHAs to Steal Data — In this image released on April 15, 2025, of a public display featuring the security CAPTCHA tool. "Real World Captchas" featured life-sized on the streets of Berlin, Singapore and Buenos Aires in March 2025. Marcos Brindicci/Getty Images for Tools for Humanity

6/2/2025Updated: 6/2/2025

0:00

Over 2,000 websites globally and nearly 80 small to medium-sized Australian businesses have had their websites compromised by a sophisticated hacking scheme leveraging the familiar CAPTCHA prompt.

A new report (pdf) from Australian online security firm CyberCX revealed that a highly orchestrated phishing campaign, known as DarkEngine, is targeting WordPress websites in Australia and beyond.

We’ve All Clicked One Before, Now Hackers Are Creating Fake CAPTCHAs to Steal Data

Trump’s 50 Percent Steel and Aluminium Tariffs Will Have Limited Impact on Australia: Economist

US Defence Secretary Urges Australia to Raise Defence Spending to 3.5 Percent of GDP

NSW Announces Housing Expansion After Rosehill Development Setback

Victoria Temporarily Backs Down on ‘Emergency Services’ Levy After Hundreds Protest