Password-stealing Windows malware spreads via ads in search results
Don’t download cracked software, researchers warn
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybersecurityresearchers have detected a new strain ofmalwarethat can download a variety of threats, but is interestingly delivered through paidonline advertsin search results.
Named MosaicLoader by theBitdefenderresearchers who first ran into it, the malware is designed to infect devices of users looking for cracked software.
“Systems infected with this malware become part of the network of machines that attackers can further infect with any piece of malware they want. During our analysis, we observed that the payloads delivered by the second stage are malware sprayers that download and run many other malicious files,” the researchers note in their analysis.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
Click here to start the survey in a new window«
Once installed, the malware creates a complex chain of processes in its attempts to download additional threats, which could range from simple cookie stealers, andcryptocurrencyminers to fully-fledged backdoors such asGlupteba.
Capitalizing on software piracy
Bitdefender shares that adverts bearing links to the malware appear at the top of search results for users searching for cracked versions of popular proprietary software.
“Most likely, attackers are purchasing adverts with downstream ad networks – small ad networks that funnel ad traffic to larger and larger providers. They usually do this over the weekend when manual ad vetting is impacted by the limited staff on call,” Bogdan Botezatu, director of threat research and reporting at Bitdefender briefedZDNet.
Bitdefender says that the campaign has no specific target countries or organizations, and indiscriminately delivers its payloads to users looking for cracked software.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Believed to be the handiwork of a new cyberthreat group, Bitdefender thinks the malware’s current form of distribution will itself keep it away from users who don’t go out looking for cracked software on the Internet.
ViaZDNet
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Dangerous Android banking malware looks to trick victims with fake money transfers
Sophos Firewall hack on government network used an all-new custom malware
Best genealogy tool of 2024
