Monday, July 13, 12:18 p.m.
Home security Malicious LokiBot trojan campaign disguised as a game launcher

Malicious LokiBot trojan campaign disguised as a game launcher

LokiBot

Malicious hacker have launched a new one campaign to share the powerful LokiBot trojan to their victims, disguising it as a game launcher.

The LokiBot trojan first appeared in 2015 and remains very popular among cybercriminals as it creates a backdoor in infected systems Windows. It steals sensitive information from victims - including usernames, passwords, banking details and the contents of cryptocurrencies wallets - through the use of a keylogger that monitors browser and desktop activity.

And now the malicious people are using a new LokiBot campaign to infect their victims, who have disguised themselves as the launcher of Epic Games, the developer behind the very popular online game Fortnite.

This recently discovered LokiBot campaign was analyzed by its researchers Trend Micro, who note that it uses an unusual installation routine to prevent detection by antivirus software.

As the researchers report, malicious software is distributed via phishing emails that are sent to potential targets.

Downloading and executing the fake Epic Game launcher, which uses the company logo to look legitimate, begins the infection process. Initially the malware downloads two separate files - a C # source file and an executable .NET - into the machine's application data directory.

The C # source code is very confusing, containing code segments that mean nothing but allowing the LokiBot installer to bypass any security measures in the machine.

Once logged in, the .NET file reads and complies with the C # code, before decrypting it and running the LokiBot on the infected machine. This provides the attacker with the backdoor needed to steal information, track activity, install other malware, and perform other malicious actions on the device.

LokiBot is still a lucrative malware, partly because its creator leaked it at the beginning of its creation, giving cybercriminals the opportunity to develop their own versions of malware.

In order to protect against LokiBot attacks and other malicious applications, it is recommended that users download only software and attachments from trusted sources and that organizations use software security to ensure that networks they can detect possible threats.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Germany: Impose sanctions on Russia over Bundestag hacking

Germany has formally proposed that the European Union impose sanctions on Russian individuals responsible for large-scale hacking of ...

Google Chrome: Increases battery life on laptops and smartphones

While Google's Chrome browser had a tough time, its competitors took the opportunity. In response, the company gave ...

USA: New team investigates financial crimes in cyberspace!

The US Secret Service is joining forces with cybercrime and cybercrime services in a group ...

Hacker stole 336 BTC from cryptocurrency company Cashaa

British cryptocurrency company Cashaa reported that hackers took more than 336 Bitcoin from the company. The company has stopped all ...

Higher fees from Facebook for vulnerabilities in Hermes

In an announcement on Friday, Facebook stated that it is going to increase the rewards in its bug bounty program, for ...

Hacker violates American cybersecurity company for revenge!

A hacker claims to have violated the backend servers belonging to an American cybersecurity company and ...

TrickBot malware accidentally warns victims that they have been infected

The famous TrickBot malware accidentally left a test module that warns the victims that they are infected and should contact ...

Financial institutions: The risk of data breach is higher!

According to a report, financial institutions tend to be at greater risk of data breach due to a lack of proper security controls ....

Google Chrome: Import, export and backup stored passwords

Google Chrome Password Manager lets you save usernames and passwords and ...

Apple: do not cover the camera on MacBook devices

Many users today have a habit of covering their laptop camera in order to protect themselves from any surveillance through it. However...