Criminals continue to display a remarkable aptitude for innovation. Back in March we wrote about how malware was – is – being disseminated through video calling platforms. Now, criminals are mimicking anti-virus technology providers to the same end.
In mid-April, cybersecurity tech firm Trelix said that its Advanced Research Center team “observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and Inno setup installer that includes Spy and Stealer capabilities.”
The providers whose sites Trelix identified as being subject to these fake sites were Avast, Bit Defender, and Malwarebytes – all sites that provide anti-virus as “Freeware”.
If you are not familiar with the term “Freeware” – it is basically software provided for free with the intent to get you to use the software in order to upgrade at some point in the future for the version that charges a fee. And Freeware is now a primary attack vector for criminals to get malware into your IT environment. BW Cyber strongly recommends that you never download freeware unless you’re absolutely certain it’s valid. Moreover, your firm should have a technical policy, enforced by a lockdown on Local Administrative Privileges, that prevents your employees from downloading any executables without prior permission. This includes the IT staff – no one should be downloading an EXE file unless it has been vetted by company leadership.
