AhnLab’s computer security researchers have discovered a new version of an old piece of malware called Amadey Bot inside several compromised software packages.
Faced with the high cost of certain software and operating systems such as Adobe Suite or Windows, some users prefer to search the Internet for cracked or stolen versions on torrent sites. As explained by AhnLab’s computer security researchers, this practice, while certainly illegal, also represents a risk to the security of your data.
In fact, it’s not uncommon for such pirated software to trigger false positive alerts from antivirus software. Generally, users who download such software ignore these warnings. Yet these cracks are a great asset for malware, which can take advantage of this temporary lack of antivirus protection to infect users’ PCs.
More precisely, AhnLab’s computer security experts have now discovered that hackers have been distributing SmokeLoader, malware coded to infect the machine with Amadey Bot, through many cracked software packages.
Malware hidden in corrupted software
Amadey Bot is a bot that came into operation four years ago. It can perform reconnaissance on the computer and steal information from the target machine. It can also drop payloads and hide itself from antivirus programs.
In addition, it copies itself into the TEMP folder as bguuwe.exe and sets up a scheduled task. This allows it to remain on the computer even after being detected and stopped. Amadey Bot can also spread other malware such as RedLine, the most popular password stealer among hackers.
Its mode of operation is simple: it scans web browsers to retrieve saved passwords, for example automated login data or bank card information. It also retrieves a lot of information about the user on the computer, such as username, location data, hardware configuration, or information about the security software installed on the computer.
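The persistence described above (a copy in the TEMP folder launched by a scheduled task) can be hunted for in an export produced with `schtasks /query /fo csv /v`. The following is an added example, not code from the article or from AhnLab; the sample rows, task names and user name are constructed, and only the file name bguuwe.exe comes from the article.

```python
import csv
import io
import re

# Temp locations a scheduled task has little legitimate reason to run from.
TEMP_RE = re.compile(
    r"%te?mp%\\|\\appdata\\local\\temp\\|\\windows\\temp\\", re.IGNORECASE)
KNOWN_NAMES = {"bguuwe.exe"}  # file name reported in the article

# Constructed sample, trimmed to the columns used here (real output has more).
SAMPLE = r'''"HostName","TaskName","Status","Task To Run"
"PC01","\Microsoft\Windows\Defrag\ScheduledDefrag","Ready","%windir%\system32\defrag.exe -c -h -o"
"PC01","\ExampleTask","Ready","C:\Users\alice\AppData\Local\Temp\bguuwe.exe"
"PC01","\Updater","Ready","""C:\Program Files\Vendor\updater.exe"" /silent"
"HostName","TaskName","Status","Task To Run"
"PC01","\Cleanup","Ready","C:\Windows\Temp\clean.bat"
'''

def executable_of(command):
    """Extract the program path from a 'Task To Run' command line."""
    command = command.strip()
    if command.startswith('"'):  # quoted path, possibly followed by arguments
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted: take everything up to the first script/binary extension.
    m = re.match(r"(.+?\.(?:exe|dll|bat|cmd|ps1|vbs|js))(?:\s|$)", command, re.I)
    return m.group(1) if m else command.split(" ")[0]

def suspicious_tasks(csv_text):
    """Return (task name, executable, reasons) for tasks worth reviewing."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("TaskName") == "TaskName":  # schtasks repeats its header
            continue
        exe = executable_of(row.get("Task To Run") or "").replace("/", "\\")
        reasons = []
        if TEMP_RE.search(exe):
            reasons.append("runs from TEMP")
        if exe.rsplit("\\", 1)[-1].lower() in KNOWN_NAMES:
            reasons.append("known file name")
        if reasons:
            findings.append((row["TaskName"], exe, reasons))
    return findings

if __name__ == "__main__":
    for name, exe, reasons in suspicious_tasks(SAMPLE):
        print(f"{name}: {exe} ({', '.join(reasons)})")
```

A hit on the TEMP rule alone is a lead to review, not a verdict, since some installers and maintenance scripts also run from temp directories.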
As you will have understood, the advice of AhnLab researchers is as follows: avoid downloading cracked software and opt for free cloud-hosted alternatives instead. As a reminder, a major phishing campaign will affect SFR customers in the coming weeks.
Source: BleepingComputer