https://www.gitexafrica.com/

Pause before you install: Malware being spread via false security certificates

Kaspersky researchers have uncovered a new method hackers are using to distributemalware: under the guise of fake security certificates. When users attempt to enter an infected site, an iframe appears stating the site’s security certificate is out of date and the connection cannot be completed. In order to proceed, it is recommended that they install a new certificate. However, what’s actually installed is malware on the victim’s computer.
 
So far, two types of Trojans have been downloaded as a result of this type of attack: Mokes and Buerak. The former provides backdoor access to the victim’s device, while the latter downloads additional malware on the infected device.
Backdoors are a very dangerous type of malware. Their functionality allows threat actors to gain contro; over an infected machines for malicious purposes. At the same time, user might not even suspect that its machine is being exploited.
Cybercriminals have, in the past, used updates for legitimate applications as a means of spreading malware, but the use of false security certificates is new, first noticed by Kaspersky researchers this year.
 
“People are particularly susceptible to this type of attack because it appears on legitimate websites, ones they’ve possibly already visited. What’s more, the address listed in the iframe is, in fact, the real address of the website. The natural instinct then is to “install” the recommended certificate, so they can view the content they want to. However, users should always be wary when prompted to download something by an online source—chances are, it’s not necessary,” says Victoria Vlasova, security expert at Kaspersky.
 
Kaspersky products successfully detect and block the threat.
• To avoid downloading potentially harmful malware on your device, Kaspersky experts recommend:
• Double-check the format of the URL and the spelling of the company name
• Manually type the website address in your browser rather than visiting via a link
Use a security solution like Kaspersky Total Security to protect you against a variety of cyber threats.
Find more details on Securelist

شاهد أيضاً

Startup Sync

Startup Sync Forum Discusses Fundamentals and Requirements for a Thriving Startup Ecosystem

The Startup Sync Forum featured dynamic discussions on the essential success factors for startups in …

اترك تعليقاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *