This shocking malware livestreams your computer screen

Malware turns victims into unwitting streamers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers have spotted an innovative newmalwarethat uses a popularlive-streaming appto record and broadcast the screen of its victims to the threat attackers.

Spotted byTrend Micro, the remote access trojan (RAT) named BIOPASS, piggybacks inside installers forAdobeFlash Player andMicrosoftSilverlight, both of which have beendeprecatedby their respective developers.

In itsdetailed examinationof the BIOPASS RAT, Trend Micro notes that the malicious Flash and Silverlight installers in fact load the “sophisticated” RAT that’s implemented asPythonscripts.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

Click here to start the survey in a new window«

“What makes BIOPASS RAT particularly interesting is that it can sniff its victim’s screen by abusing the framework ofOpen Broadcaster Software (OBS) Studio, a popular live streaming and video recording app, to establish live streaming to acloud servicevia Real-Time Messaging Protocol (RTMP),” shares Trend Micro.

Inside job?

Trend Micro spotted BIOPASS in recent attacks, in what is known as a watering hole attack, against online gambling companies in China.

Although Trend Micro isn’t sure about the identity of the threat actors behind the RAT, it has found several pieces of evidence during its investigations to suggest that the malware could’ve been engineered by Chinese state-sponsored actors known as Winnti or APT41.

While state-sponsored threat actors are usually tasked to launch attacks across their borders, interestingly, Trend Micro notes that BIOPASS has several features that indicate that it is designed to target and steal the victim’s private information primarily from theweb browsersand instant messengers that are popularly used in China.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Your doctor may have an AI assistant taking notes during your next Zoom call