Tag Archive for: Pirated

Hackers use pirated software to hijack Mac, Android, and Windows devices


Trading in cryptocurrency? You might be sitting on a pretty penny in that digital wallet of yours. Feels great, doesn’t it? But here’s the catch with digital currency: keeping it secure isn’t a walk in the park.

Hackers are out there, working overtime to come up with new tricks to swipe your crypto, potentially emptying your wallet in one fell swoop. Yep, for these cyber thieves, your digital cash is the ultimate prize. And the worst part? Most of the time, you won’t even realize you’ve been hit until your balance is zero.

Case in point: there’s this fresh malware out there, specifically targeting macOS, Android, and Windows devices. It sneaks in through pirated software, hunting for your cryptocurrency to make it its own. Here’s how it works.

What is the new malware targeting cryptocurrency users?

The cybersecurity company Kaspersky has uncovered a sophisticated new malware campaign designed to pilfer cryptocurrency from users’ wallets. This campaign leverages pirated or improperly licensed software as a vector for infection, exploiting the common practice of seeking out ‘free’ versions of paid software online.

These cracked applications, distributed through unauthorized websites, are embedded with a Trojan-Proxy type of malware. This malware is not limited to just macOS users, as recent findings have shown; variants targeting Android and Windows platforms have also been discovered, connecting to the same Command and Control (C&C) server. These variants, like their macOS counterparts, are concealed within cracked software, illustrating the widespread risk across different operating systems.

Once the malware is downloaded onto your device, it immediately starts checking for Bitcoin and Exodus cryptocurrency wallets. If it discovers either one (which is very unfortunate for some users who have both), the malware replaces the wallet application with an infected version that’s able to steal the cryptocurrency. For some people, this could amount to thousands of dollars. And it’s all because you unintentionally downloaded the malware to your macOS, Android, or Windows device.

Source…

Hacker Circulates Mac Malware Via Pirated Software Torrents


Security researchers have uncovered a largely undetected Mac-based malware that’s been circulating through pirated software downloads. 

The findings come from security provider Jamf, which discovered the malware on a bootleg version of Apple’s Final Cut Pro video-editing software, which normally costs $299.99. 

Jamf first spotted the malware secretly mining cryptocurrency on a customer’s Mac computer. “This particular sample was not detected as malicious by any security vendors on VirusTotal. Since January 2023, a handful of vendors have detected the malware,” it said. 

Since the malware arrived through an unauthorized and modified version of Final Cut Pro, Jamf turned to The Pirate Bay, a website notorious for offering bootleg software through torrents. 

“We downloaded the most recent torrent (for Final Cut Pro) with the highest number of seeders and checked the hash of the application executable. It matched the hash of the infected Final Cut Pro we had discovered in the wild. We now had our answer,” the security researchers said. 

The malicious torrents on The Pirate Bay

According to Jamf, an uploader on The Pirate Bay named “wtfisthat34698409672”—who has a years-long history of posting bootleg Mac software—is responsible for not only circulating the malware, but also pushing other variants of the malicious code. This includes posting malware-laden versions of Logic Pro and Photoshop. 

“Furthermore, we found that virtually every one of the dozens of uploads that began in 2019 was compromised with a malicious payload to surreptitiously mine cryptocurrency,” Jamf said.

The malware itself shares similarities with another sample that antivirus provider Trend Micro discovered a year ago. At the time, Trend Micro wasn’t able to uncover the exact source, but it did speculate the infection came from an Adobe Photoshop CC installation. 

Jamf says the malware has been evolving since 2019, when the hacker initially began uploading the pirated but malicious Mac software. Interestingly, the malware contains a feature that’ll check whether the user has accessed the Mac’s Activity Monitor app, which can show CPU usage. 

“If it finds the Activity Monitor, it immediately terminates all of its…

Source…

Pirated CIA spyware being used by threat actors, says analyst


A leaked version of spyware designed by the Central Intelligence Agency (CIA) to covertly exfiltrate data from targets has been spotted in the wild for the first time by analyst Netlabs.

The cyber watchdog claims it detected a variant of the CIA cyberattack kit Hive – no relation to the ransomware group of the same name – on October 21 after it caught it communicating with an internet protocol (IP) address using forged Kaspersky certificates.

“After further lookup, we confirmed that this sample was adapted from the leaked Hive project server source code from the CIA,” said Netlabs. “This is the first time we caught a variant of the CIA Hive attack kit in the wild.”

Netlabs describes the variant, which it nicknamed xdr33 after its digital certification code, as a backdoor designed to collect sensitive data “and provide a foothold for subsequent intrusions.”

xdr33 uses SSL, an internet security tool that allows data encryption, to relay sensitive information back to the threat actor in control of it.

Describing the variant as an unsophisticated take on the US agency original, Netlabs added: “We tend to rule out the possibility that the CIA continued to improve on the leaked source code and consider it to be the result of a cyberattack group borrowing it.”

Expertise-sharing forum GitHub describes the original Hive spyware as providing “a covert communications platform for a whole range of CIA malware” that enables stolen data to be sent to agency servers and instructions to be relayed to field operatives.


Source…

Hackers Crack Pirated Games with Cryptojacking Malware



Threat actors have so far made about $2 million from Crackonosh, which secretly mines Monero cryptocurrency from affected devices.

Source…