
Malicious Software Concealed within Reputable and High-Profile Applications by Unscrupulous Cybercriminals

Attackers employ deceptive tactics, as revealed by VirusTotal researchers, to execute harmful activities disguised within trusted software applications.


In a startling revelation, a recent report has highlighted the alarming trend of cybercriminals using legitimate applications as a cover for malware distribution.

According to Vicente Diaz, a security engineer at VirusTotal, a unit of Google Cloud, attackers are increasingly abusing trusted applications to lure potential victims. This tactic, noted repeatedly in the report, involves installing malware, often disguised as legitimate software, to deceive users.

The report also sheds light on the practice of embedding malware into installation packages of legitimate software, a common method for these attacks. Threat actors are impersonating legitimate applications or infrastructure to increase their success when targeting a victim.

One concerning finding is that 0.1% of legitimate hosts for widely used applications have distributed malware. This statistic is new and underscores the need for vigilance in the digital world.

The top three most-abused applications mimicked by malware are Skype, Adobe Acrobat, and VLC, the report states. Moreover, 10% of the top Alexa domains have previously distributed malicious samples, a startling revelation that underscores the widespread nature of this issue.

Researchers found at least 2.5 million suspicious files from the top 1,000 Alexa domains. These suspicious files were detected by at least five different antivirus programs, a figure that underscores the scale of the problem.

The report analyzes a softer version of this activity, but it's clear that the implications are severe. Out of more than one million signed malicious samples uploaded to VirusTotal since January 2021, 87% of those samples have valid signatures. This statistic is repeated in the report, highlighting the sophistication of the attacks and the need for robust security measures.

The tactic of hiding malware behind legitimate applications to deceive users is repeated throughout the report. The malware often mimics legitimate applications to trick users into installing malicious files. This repeated emphasis underscores the importance of user awareness in the face of these threats.

The analyzed activity also involves attackers stealing or compromising legitimate infrastructure, source code, or certificates used to sign legitimate applications in supply chain attacks. This new information underscores the need for companies to secure their digital assets and maintain the integrity of their software supply chains.

In conclusion, the report serves as a stark reminder of the need for vigilance in the digital world. The widespread use of legitimate applications in malware distribution is a concerning trend that requires immediate attention from users, businesses, and security researchers alike.
