There's another really good reason not to download pirated software

You might save a few dollars downloading pirated software, but you could also end up losing a lot more in the process, as researchers have discovered a cryptocurrency-targeting infostealer lurking among the cracks. 

Two separate cybersecurity firms, Flashpoint and Sekoia, uncovered a brand-new information-stealing malware dubbed “RisePro”.

RisePro is being distributed through websites hosting pirated software, cracks, loaders, and similar illegal content, and infects endpoints through the PrivateLoader pay-per-install (PPI) malware distribution service.  

Stealing crypto account details

According to the researchers, RisePro carries many similarities to PrivateLoader, prompting the researchers to conclude that the malware distribution platform now has its own infostealer. What’s more, they discovered that it was most likely built on Vidar as a foundation, as it uses the same system of embedded DLL dependencies.

RisePro hunts for data from an extensive list of browsers, browser extensions, and cryptocurrency wallets, including Google Chrome, Firefox (and 30 other browsers), Authenticator, MetaMask, and Coinbase (and 26 other browser extensions). Furthermore, it steals data from Discord, battle.net, and Authy Desktop, and can scan filesystem folders for valuable data, for example files holding credit card information.

According to Flashpoint, criminals have already started selling RisePro logs containing sensitive, personally identifiable data on Russian dark web markets. Threat actors interested in buying either the logs or the tool itself can do so via Telegram, by interacting with the threat actors’ Telegram bot.

The researchers describe PrivateLoader as a pay-per-install malware distribution service, often posing as a software crack, or a keygen. Up until today, PrivateLoader only distributed RedLine Stealer or Raccoon, both of which are very popular infostealers in the cybercrime community. 

The best way to protect against such threats is to refrain from downloading illegal content to begin with, and only download software from legitimate, verified sources. A strong antivirus solution is also advised.

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/ZRn0jdh