Here’s another good reason not to download pirated software
You wouldn’t download an infostealer…would you?
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
If you ever needed a compelling argument against downloading pirated software, cracks, or activators, here’s one - you’ll probably end up with a dangerous infostealer along the way, too.
Experts from Zscaler recently analyzed several ongoing malware distribution campaigns, finding an unknown threat actor (or multiple actors) is usingSEOpoisoning techniques to have their websites appear high up onGoogleresults pages for popular software-related queries such asAdobe Acrobat Pro, 7-Data Recovery Suite, and several other programs.
These websites, most often on .com domains, but also appearing on less popular domains such as .xyz, or .cfd, claim to be hosting these programs (and others), as well as cracks, activators, or anything else that’s needed in order to get a commercial (and expensive) program to work - for free.
RedLine Stealer or RecordBreaker
What the victims would actually be downloading onto their endpoints, however, are not the programs in question, but rather dangerous infostealing malware, such as RedLine Stealer, or RecordBreaker. These types of malware are capable of all kinds of nasties, from stealing passwords stored in browsers to stealing payment data, to grabbing screenshots.
The best way to protect against these attacks, the researchers are saying, is to refrain from downloading pirated software in the first place, as well as any cracks, keygens, activators, or anything of the sort.
A nasty new infostealer malware is landing in email inboxes>Microsoft’s campaign against malicious macros has given rise to new, dangerous attacks>Here’s our roundup of the best identity theft protection services and ID protection providers around
Furthermore, users can protect theirendpointsby installing an antivirus or amalwareprotection service, as well as a firewall. Finally, setting up two-factor authentication on as many accounts as possible will prevent threat actors from compromising the accounts, even if they manage to obtain the login credentials.
Also, it is important to note that just because a website pops up high on Google’s search engine results page (or any other search engine’s, for that matter), that doesn’t mean that it’s legitimate and that users should trust it by default.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)
