This scary malware can cripple your PC — how to protect yourself
A dangerous cyberbanking Trojan is targeting people living in Brazil, Chile, Mexico, Spain, Peru and Portugal, according to a warning from researchers at one of the world's best antivirus companies.
They say that the Mekotio banking Trojan, which first began circulating the web five years ago, has accumulated advanced backdoor capabilities in that time.
Backdoor capabilities
The researchers from cybersecurity firm ESET say that the Trojan is capable of "taking screenshots, restarting affected machines, restricting access to legitimate cyberbanking websites, and, in some variants, even stealing bitcoins and exfiltrating credentials stored by the Google Chrome browser."
ESET noted in a blog post how Mekotio has similarities to other banking Trojans that it's researched in the past, such as "being written in Delphi, using fake pop-up windows and containing backdoor functionality".
Mekotio is even capable of making itself look "less suspicious" and subsequently deceiving users by masquerading as a security update "using a specific message box."
As well as this, the malware can then go on to exfiltrate firewall configurations, admin rights, Windows version information, and details about any security solutions installed on the device.
Crippling machines
After infecting machines with the malware, threat actors can even "cripple the victim's machine by attempting to remove all files and folders in the C:\Windows tree."
Robert Šuman, who led the Mekotio research team, said: "For researchers, the most notable feature of the newest variants of this malware family is its use of an SQL database as a C&C server and how it abuses the legitimate AutoIt interpreter as its main method of execution."
In their study, the researchers also explored the way that Mekotio is circulated and found that this is done mainly through spam. Overall, they have discovered 38 distribution chains.
ESET went on to say that "most of these chains consist of several stages and end up downloading a ZIP archive", adding that this is "a well-known behavior of Latin American banking trojans".
Šuman added: "Mekotio has followed a rather chaotic development path, with its features being modified very often. Based on its internal versioning, ESET believes there are multiple variants being developed simultaneously."
Stay alert
Jake Moore, a security specialist at ESET, told Tom's Guide: "This acts as yet another reminder to be careful with what you download. Trojans can be extremely hard to spot immediately yet there are ways to identify this wolf in sheep's clothing. Firstly, you must always verify the origin of any email enticing you to click or download an attachment – especially from unsolicited contact."
He added: "The reviews and the download count (where possible) are the next giveaway. If the reviews suggest something is up or the download count is way under what you would expect to see then it's time to avoid it.
"Research is your best friend when it comes to downloading anything to your device but if you are placing anything on your device that you are unsure of, it naturally comes with a risk attached."
Source: https://www.tomsguide.com/news/this-scary-malware-can-cripple-your-pc-how-to-protect-yourself
Posted by: butlerpory1991.blogspot.com
