Arctic Wolf has recently observed a campaign targeting the healthcare sector, where victims visiting the widely used physical therapy video site HEP2go are redirected to a fake CAPTCHA webpage when they attempt to visit multiple parts of the website.

ArcticWolf's platform is a central hub for cybersecurity professionals, offering insights into managed detection and response (MDR), threat intelligence, and security operations. Through articles, reports, and webinars, ArcticWolf offers insights into detecting and responding to cybersecurity threats effectively. Security analysts can learn about threat hunting, incident response strategies, and security best practices to protect organizations from cyberattacks.

Arctic Wolf

Arctic Wolf has identified a campaign targeting the healthcare sector, specifically users of the physical therapy video site HEP2go, with fake CAPTCHA pages that lead to infostealer malware. Users are advised to avoid HEP2go until the issue is resolved. Arctic Wolf has detections in place to identify malicious activity in this campaign and recommends installing Arctic Wolf Agent & Sysmon for better security monitoring. Comprehensive security awareness training is also strongly recommended.

Healthcare Sector Targeted by Fake CAPTCHA Attack on HEP2go to Deliver Infostealer Malware

Implement Comprehensive Security Awareness Training