Friday, January 15, 20:24
Home security Caution! Linkury adware distributes malware

Caution! Linkury adware distributes malware

According to a speech by researchers at the conference VirusBulletin 2020, one adware with the name Linkury, distributes malware and infects them Appliances of victims. This adware was previously known mainly for distribution browser hijackers.

Linkury adware

"What's dangerous with Linkury is how it uses its adware function as a gateway to spread malwareSaid Arun Kumar Shunmuga Sundaram and Rajeshkumar Ravichandran, two malware analysts of the Indian company security K7 Computing.

According to the researchers, Linkury combines standard adware with others malware and sometimes uses one function and the other, based on geographical criteria (depending on the country of the victim).

The two researchers security Linkury is said to have adapted its functions to hide its malicious techniques and to appear as a "legitimate adware".

Most companies, such as Malwarebytes, Microsoft and Trend Micro, recognize Linkury as "adware". However, Sundaram and Ravichandran argue that “should also be labeled as malware, based on the data presented in their report ".

Facts about Linkury

Prior to the researchers' talk on VirusBulletin, Linkury was primarily known as adware.

Usually, it is distributed through SafeFinder widget, one browser extension that is supposed to be used to perform secure internet searches.

The widget is usually combined with others for free applications, as a secondary installer or distributed through web ads that redirect them users on SafeFinder download pages.

If a user installs the SafeFinder extension, their browser default search settings and homepage will change. However, it is not just this change. The installation of the extension is accompanied by the installation of additional binaries, which differ depending on the country of the user.

But K7 researchers recently discovered that SafeFinder widget has now started installing malware, As the Socelars and Kpot infostealer trojan.

In other cases, Linkury was installing a version of Opera browser to the infected computers, which operated "silently" in the background of the operating system to display pop-up ads, bringing profits to Linkury adware / malware operators.

malware

In addition, the hackers behind Linkury, used the SafeFinder widget to install other extensions in its browsers user. K7 said it had located such facilities in Chrome and Firefox browser for Windows users and Safari, Chrome and Firefox for Mac users.

The problems, however, do not end here. The researchers also said that SafeFinder installer contained many malware features, such as PowerShell scripts for disabling Windows Defender and functions that allowed it to understand when the installer was running on virtual machines and sandboxes.

Finally, according to ZDNet, Linkury's SafeFinder widget does not obey their choices users, since its installer is designed to install its payload, even if the user tries to avoid the installation process by clicking "No" in the message that appears about the installation of SafeFinder.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...
00:02:36

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...