However, when a Chrome user clicks play on the video it instead will download a file named console-play.exe. This is an executable file, and Chrome will automatically warn users the download may be malicious.
In these circumstances, Google Chrome users will then be presented with options to either keep or discard the file. However, to bypass this Google Chrome alert threat actors are displaying a fake reCaptcha screen. CAPTCHA or reCAPTCHA systems are used to distinguish humans from automated bots trying to access a website, with web users asked to decipher hard to read text or click on a specific type of object in an image or series of images.
To watch the video, Chrome users allegedly have to press B, S, Tab, A, F and then Enter.
However, this is just a devious way for threat actors to trick Chrome users into downloading the malicious file. Pressing B, S, A and F won’t do anything – but hitting Tab will select Keep on the screen asking Chrome users if they want to download the executable file.
While then pressing Enter will confirm the download.
