Looking for pirated software? Be careful; could lead you to download malware.
One such strain of malware has been discovered by antivirus vendor Kaspersky that tries to infect tens of thousands of Windows PCs via websites that claim to offer cracks and key generators for legitimate software programs.
The malware is known as NullMixer and has so far attacked more than 47,500 users, Kaspersky said in a report.(Opens in a new window) released on Monday. It can download over 20 Trojans and malware once installed, including spyware, login and credit card stealers, backdoors, along with other programs capable of retrieving even more malware.
A victim can be tricked into accidentally installing NullMixer by searching for software cracks on search engines like Google. These software cracks are often designed to allow you to run legitimate software on a PC, but without purchasing a license key.
The hackers behind NullMixer have been exploiting these software cracking sites to redirect users to download a ZIP file that will run NullMixer. “Remarkably, cybercriminals used professional SEO tools to appear early in search engine results, so they could easily find them when searching for cracks and keygens on the Internet and could target as many users as possible,” Kaspersky added.
The infection occurs when the user extracts the “win-setup-i864.exe” file from the archive and decides to run it. Doing so will trigger it to launch another executable, which will then proceed to drop “dozens of malicious files” onto the PC, Kaspersky said. In addition, the malware will try to disable Microsoft’s Windows Defender real-time system monitoring.
“Since the beginning of the year, we have blocked attempts to infect more than 47,778 victims worldwide,” Kaspersky added. “Some of the most attacked countries are Brazil, India, Russia, Italy, Germany, France, Egypt, Turkey and the United States.”
Recommended by Our Editors
Geography of NullMixer infections. (Credit: Kaspersky)
Getting infected with so much malware can also make the PC unusable, unless Windows is reinstalled. “Any information you type on your keyboard will be available to attackers: from the messages you type to your friends on Facebook, the address you use to order from Amazon, to your device logins and passwords, or cryptocurrency accounts and data. of credit cards. As a result, the entire device with all its information is now in the hands of cybercriminals,” says Haim Zigel, security researcher at Kaspersky.
To protect yourself, it’s best to avoid pirated software. Users may also consider installing an antivirus program on their PC.
Do you like what you are reading?
Enroll in security surveillance newsletter for our top privacy and security stories delivered directly to your inbox.