Offlido

Seven npm packages published under the name ‘dino_reborn’ used Adspect redirects and browser fingerprinting to route real visitors to fake cryptocurrency CAPTCHA scams while showing decoys to likely researchers, Socket researchers found.