Tuesday, November 24, 03:06
Home security Fake ProtonVPN installer infects Windows PCs with Azorult malware

Fake ProtonVPN installer infects Windows PCs with Azorult malware

Researchers security they discovered a new one hacking campaign aimed at spreading it Azorult malware. The hackers behind the campaign, they are abusing it protonVPN, after introducing Azorult as a ProtonVPN installer to infect Windows computers.

Researchers have identified several victims of Azorult malware. This malware is often sold to russian hacking forums. It is one of the most expensive and sought after malware because it offers a wide range of capabilities.

In this campaign, the hackers created one fake ProtonVPN site, which is an exact HTTrack copy of the actual ProtonVPN site. The Criminals manage to spread Azorult by presenting it as installer package for Windows computers.

Η campaign launched in November 2019 and seems to come from Russia.

Attackers use various infection machines to spread Azorult malware and affect Windows systems. One common method of spreading is Malvertising.

If users visit the fake ProtonVPN site and download the fake ProtonVPN installer for Windows, they will receive a copy of the Azorult botnet.

After the computer gets infected, Azorult starts to collects system information. It then sends the stolen information to the attackers via a command and control server located on the same accounts [.] protonvpn [.] store server.

According to her researchers Kaspersky, the Azorult malware that targets Windows computers, designed in such a way that it can steal: cryptocurrencies (Electrum, Bitcoin, Etherium etc.), FTP logins and passwords from fileZilla, e-mail credentials, his information browser (including cookies), credentials for WinSCP, Pidgin Messenger and much more.


Please enter your comment!
Please enter your name here

Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement


Details of Spotify users were exposed by hackers

A hacking team has gained unauthorized access to 350.000 Spotify accounts on the music streaming service. To achieve this ...

Black Friday: Tips for Secure Online Shopping

Black Friday and Cyber ​​Monday are two of the busiest days for online shopping. And of course ...

Photoshop: How to restore the old mode of Free Transform

Adobe recently changed the way Free Transform works. But you can restore the old way of working ...

EU: Ready to end end-to-end encryption?

End-to-end encryption is a security tool used by various applications, including Facebook Messenger, WhatsApp and Signal, for further ...

How to disable the "welcome tips" after the Windows 10 update

Windows 10 after an update sometimes opens a window with tips to show you what's new for ...

The Windows 10 KB4586819 update fixes several issues

Microsoft has released the cumulative non-security update KB4586819 preview for Windows 10 versions 1809, 1903 and 1909, with various fixes ...

Drupal websites are vulnerable to double-extension attacks!

The team behind Drupal Content Management System (CMS) released some security updates this week to fix a critical ...

Face recognition can identify bears and cows

Face recognition can be used to identify various animals such as bears and cows!

Google Workspace: How it unlocked the subscription software market

In fact, Google has made it easier for smaller players. A startup that starts in 2020 ...

Black Friday with online offers in COSMOTE and GERMANO

Press Release: Black Friday with online offers at COSMOTE and GERMANO November 23, 2020