Here's another good reason never to use cracked software
Date:
Mon, 25 Jul 2022 15:31:31 +0000
Description:
Cracks are carrying malware, with this particular strain able to steal a
whole lot from its victims
FULL STORY ======================================================================
Cybersecurity researchers at AhnLab have detected a new version of an old malware strain, known as Amadey Bot, being distributed through software
cracks and keygens.
Many people around the world would rather download a cracked version of expensive software (for example Windows, the Adobe Suite, or similar) from a torrent site, and follow up with a crack/keygen, than purchase a legitimate version that could cost a few hundred dollars.
These cracks and keygens often trigger false positive alerts with antivirus solutions, which makes them an ideal mule to carry malware, especially if the malware can act fast enough, before the victim re-enables the antivirus program. Thats exactly the case here, as AhnLab spotted that through keygens and cracks, threat actors have been distributing SmokeLoader, a malware dropper coded to infect the endpoint with Amadey Bot. Stealing information
and loading more malware
Amadey Bot is a four years old bot, capable of performing system reconnaissance, stealing information from the target endpoint , and dropping additional payloads. It was also said that upon execution, the malware
injects Main Bot into the currently running explorer.exe process, hiding from antivirus programs in plain sight.
Whats more, it copies itself to the TEMP folder with the name bguuwe.exe, and sets up a scheduled task, making sure it remains on the system even after being terminated. Besides analyzing the target system and stealing information, Amadey is also capable of dropping other malware, among which, AhnLab has found - RedLine (yuri.exe). Read more
These fake Windows 11 upgrade installers will just infect you with malware
This nightmare incident shows why you really shouldn't store passwords in
your browser
These are the best firewalls right now
ReadLine is a popular, and highly potent stealer, that harvests browsers for saved passwords, autocomplete data, credit card information, and such. The malware also runs a system inventory, pulling in intel such as the username, location data, hardware configuration, and information on security software installed on the device. Newer versions are even able to steal cryptocurrency wallet information, as well as target FTP and IM clients. It can upload and download files, execute commands, and communicate with its C2 server.
The moral of the story is simple - downloading cracked software is simply not worth it, especially today when free, cloud-based alternatives are
everywhere. Keep your devices safe with the best antivirus solutions around
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/heres-another-good-reason-never-to-use-cracked- software/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)