Monday, August 10, 15:13
Home security Fake certificate updates distribute backdoor malware

Fake certificate updates distribute backdoor malware

According to new data, backdoor and trojan malware is distributed through a new one Phishing technique, trying to entice victims to accept one "Updating" certificates security website.

Certification Authorities (CAs) distribute SSL / TLS security certificates for improved security at Internet, providing encryption for one-to-one communication channels browser and one server.

Various cases of certificate abuse have been reported from time to time. But now, a new one is used Phishing technique for distributing malware.

On Thursday, its researchers Kaspersky mentioned the new technique has been identified in many sites. The first malware infections were identified on January 16, 2020.

Visitors to an infected domain see the following image:

The warning states that the site's security certificate is not up to date, but even though this is a domain owner issue, victims are called upon to install a “certificate update security" to move on.

The message is contained in an iframe and the content is loaded through one jquery.js script from a third-party command-and-control (C2) server, while the URL bar still holds the legitimate address domain, so that they don't understand users that something is wrong.

"The jquery.js script covers an iframe that is exactly the same size as the page," the researchers say. "As a result, instead of the original page, the user sees a seemingly authentic banner requesting the immediate installation of a certificate update."

If the victim presses the button to update, starts downloading a file, Certificate_Update_v02.2020.exe.

When installed, the executable file will deliver the victim one of two malware: Mokes or Buerak.

The Mokes is a macOS / Windows backdoor malware, considered "sophisticated", as it can execute malicious code, extract screenshots, steal information computer, such as archives, sounds and video, while using AES-256 encryption to cover its activities.

On the other hand, the Buerak is a Windows-based Trojan malware capable of executing code, violating procedures, stealing content and more.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

The best security cameras to protect your home!

If you are afraid of intruders in your home, these security cameras can stream live video directly to your phone.

Do hackers carry out their attacks in real time?

More generally, there is a perception that hackers are suddenly infiltrating systems and devices and carrying out attacks. However, the reality is different. The...

Facebook: How to hide old posts

Facebook has introduced a new tool called "Activity Management" that will allow you to delete old posts, helping you to improve ...

How to download and install the Play Store on laptops and PCs?

Nowadays, many people rely on their smartphones, as they can be used easily and quickly for ...

Portable air conditioner: It is worn on the back and as a jewel 😛

Portable air conditioner - Worn on the back and like jewelry: 40 degrees and we have melted. Those of you who are lucky on the beach, please stop ...

How to download Google Camera Port 7.4 / GCam 7.4 on Xiaomi devices?

Pixel devices have Google Camera (GCam) as their default camera application. And since the Pixel series is known for ...

How to type in multiple languages ​​simultaneously on Android

People in today's world are very much addicted to smartphones. They provide access to many applications that can be used mainly ...

LucidPix: Make your photos 3D with this app!

Give a 3D format to your photos, with the LucidPix application, which is available in various versions for both Android and iPhone ...

Private or anonymous browsing: Does it guarantee your privacy on the Internet?

The term "private" is relevant, especially when it comes to private or anonymous browsing on the Internet, a setting in your web browser ...

Businesses: 8 types of cyber attacks to watch out for

Nowadays, all businesses, small and large must be on alert, as they can ...