Top Software Distributed through Piracy for Stealing Information

Mar 7, 2024

Several current malware distribution campaigns target internet users searching for illegally downloaded software. The attackers lure potential victims with a variety of unlicensed software.

Using Pirated Software:

The campaigns use SEO poisoning and malicious advertising to push malicious shareware sites, which offer fraudulent or pirated software as well as key generators and cracks, to the top of Google Search results.

Adobe Acrobat Pro, Wondershare Dr. Fone, 3DMark, 3DVista Virtual Tour Pro, 7-Data Recovery Suite, and MAGIX Sound Force Pro are among the programmes used to lure the victims.

The .exe files usually pose as software installers and are stored on file hosting sites; clicking on them sends users to malicious file download pages.

Although the reported malware distribution pattern varies, multiple campaigns use legitimate services such as Mediafire and Discord to host the malware.

Process Of Infection:

The redirection websites that deliver the malicious files have less creative names and are hosted on the .xyz and .cfd top-level domains.

The downloaded files are archives containing a 1.3MB password-protected ZIP, which evades antivirus checks, and a TXT file holding the password.

Once uncompressed, the ZIP contents were 600MB in size because of the anti-analysis technique known as “byte padding,” which many malware writers use.

The executable is a malware loader that acquires an encoded PowerShell command and, after a 10-second timeout to avoid sandbox analysis, launches a Windows cmd[.]exe process:

  • That cmd[.]exe process downloads a JPG file, which is actually a DLL file with its contents reversed.
  • The loader rearranges the contents into the proper order to obtain the final DLL, the RedLine Stealer payload.
  • Attackers have also been known to drop RecordBreaker stealers that are packed with the Themida obfuscation tool.
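A triage sketch for two of the evasion tricks described above, byte padding inside a password-protected ZIP and a DLL stored back to front under a JPG name. It is an added example, not code from the campaign analysis; it assumes the reversal is a plain whole-file byte reversal, and the thresholds, function names and sample data are constructed for illustration.

```python
import io
import struct
import zipfile

JPEG_MAGIC = b"\xff\xd8\xff"

def padded_members(zip_bytes, min_ratio=100, min_size=100 * 2**20):
    """List (name, compressed, uncompressed) for members that look byte-padded.

    Sizes are read from the central directory, which standard ZIP password
    protection leaves in the clear, so nothing is decrypted or extracted.
    Both thresholds are assumed values, not taken from the article.
    """
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            ratio = info.file_size / max(info.compress_size, 1)
            if info.file_size >= min_size and ratio >= min_ratio:
                hits.append((info.filename, info.compress_size, info.file_size))
    return hits

def reversed_pe_kind(data):
    """Return 'dll' or 'exe' if data is a PE image stored back to front, else None."""
    if data.startswith(JPEG_MAGIC) or not data.endswith(b"ZM") or len(data) < 0x40:
        return None
    pe = data[::-1]  # undo the assumed whole-file byte reversal, in memory only
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0" or len(pe) < e_lfanew + 24:
        return None
    (flags,) = struct.unpack_from("<H", pe, e_lfanew + 22)  # COFF Characteristics
    return "dll" if flags & 0x2000 else "exe"  # 0x2000 = IMAGE_FILE_DLL

def sample_padded_zip(size=5 * 2**20):
    # Constructed sample: a tiny header followed by zero padding.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("setup.exe", b"MZ" + b"\0" * size)
    return buf.getvalue()

def sample_reversed_dll():
    # Constructed sample: minimal DOS + PE/COFF headers only, not a working DLL.
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 0, 0x2000)
    return (dos + b"PE\0\0" + coff)[::-1]

if __name__ == "__main__":
    print(padded_members(sample_padded_zip(), min_size=2**20))
    print(reversed_pe_kind(sample_reversed_dll()))
```

Either check can run at a mail or web gateway before any content is unpacked, since both read only headers and metadata.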

The malware campaigns have been running effectively and have already been directed at a large number of online users. Avoid downloading cracked software, product activators, serial key generators, and pirated software to remain secure.