Attackers hide crypto address-swapping malware in Microsoft Office add-ins
Malicious actors are trying to steal crypto with malware embedded in fake Microsoft Office extensions uploaded to SourceForge, according to Kaspersky.
One of the malicious listings, called “Officepackage”, contains real Microsoft Office add-ins but hides malware called ClipBanker, which replaces a copied crypto wallet address on a computer with the attacker’s address, Kaspersky’s Anti-Malware Research Team said in an April 8 report.
The team said: “Users of crypto wallets usually copy their addresses instead of typing them. If the device is infected with ClipBanker, the victim’s money will end up in a completely unexpected place.”
The fake project page on SourceForge mimics a legitimate developer tool page, showing the Office add-ins and download buttons, and can also appear in search results.
Kaspersky said it found crypto-stealing malware on SourceForge. Source: Kaspersky
Kaspersky said that another feature of the malware’s infection chain involves sending infected device information, such as IP addresses, country names and usernames, to the attackers through Telegram.
The malware can also scan the infected system for signs that it is already installed, or for antivirus software, and delete itself.
Attackers can sell system access to others
Kaspersky says that some of the files in the bogus download are small, which raises “red flags, because office applications are never small, even when they are compressed.”
Other files are padded with junk to persuade users that they are looking at a genuine software installer.
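Both red flags can be checked before anything from a download is run. The sketch below is an added example, not code from Kaspersky's report or this article; it assumes the download is a ZIP archive and that the junk is highly compressible filler, and the function names and thresholds are illustrative.

```python
import io
import os
import zipfile

# Assumed thresholds for illustration only; tune them against known-good installers.
MIN_TOTAL_BYTES = 100 * 1024 * 1024  # assumed floor for an office-suite download
MAX_MEMBER_RATIO = 100.0             # assumed: unpacked/packed above this suggests filler


def triage_archive(blob, min_total=MIN_TOTAL_BYTES, max_ratio=MAX_MEMBER_RATIO):
    """Return (flag, detail) findings for a ZIP download held in memory.

    Sizes come from the archive's own directory, so this is a cheap
    pre-screen that never unpacks or executes anything.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        members = [m for m in zf.infolist() if not m.is_dir()]
    total = sum(m.file_size for m in members)
    if total < min_total:
        findings.append(("too_small", total))
    for m in members:
        ratio = m.file_size / max(m.compress_size, 1)
        if ratio > max_ratio:
            findings.append(("padded", m.filename))
    return findings


def make_zip(files):
    """Build a deflate-compressed ZIP in memory from {name: bytes} (constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed samples: a tiny "installer" and one inflated with zero bytes.
    tiny = make_zip({"office_addin.exe": os.urandom(2048)})
    padded = make_zip({"installer.msi": os.urandom(2048) + b"\x00" * 5_000_000})
    for label, blob in (("tiny", tiny), ("padded", padded)):
        print(label, triage_archive(blob, min_total=1_000_000))
```

A clean result here is not a verdict on the file: the sizes are read from the archive's own headers, so treat any finding as a reason to stop and verify the source.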
The company said the attackers secure access to an infected system “through multiple methods, including unconventional methods.”
“While the attack mainly targets cryptocurrency by deploying a miner and ClipBanker, the attackers can sell system access to more dangerous actors.”
The interface is in Russian, which Kaspersky speculates means it is targeting Russian-speaking users.
“Our telemetry indicates that 90% of potential victims are in Russia, with 4,604 users encountering the scheme between early January and late March,” stated the report.
To avoid falling victim, Kaspersky recommended downloading software only from trusted sources, as pirated software and alternative download options carry higher risks.
The company said: “The distribution of malware as pirated software is not new.” “Since users are looking for ways to download applications outside official sources, attackers offer them. They continue to search for new ways to make their websites look legitimate.”
Other companies have also raised the alarm about new forms of malware targeting crypto users. Threat Fabric said in a report on March 28 that it found a new malware family that can launch a fake overlay to trick Android users into providing their crypto seed phrases as it takes over the device.