Another
attack related to the COVID-19 lockdown and as result number of remote workers.
Popularity of
video conferencing tools, such as Zoom, is exactly what hackers are using.
TrendMicro,
cybersecurity company, discovered a new criminal campaign that tricked remote
workers to install RevCode WebMonitor RAT(known on underground forums from 2017).
Researchers
said that fake installer doesn’t come from official sources like Apple Stope or
Google Play. It seems victims were using a malicious link from phishing email
or any other way to download it. Once
software is downloaded, it runs a video conferencing installer as well as
execute WebMonitor remote access tool.
This practice
of packaging malicious software inside a legit one is very popular and Zoom is
not an exception. The best way to reduce or even avoid these campaigns is to
download installer ONLY from official sources.
No comments:
Post a Comment