Did you know Downloading Cracked Software? Beware of the Hidden Malware Stealing Your Info

 

There are a lot of people who do not want to pay big amounts on software and tools like Lightroom, Photoshop, AutoCAD and many others, so they just use cracked versions from the internet. Even though the crack versions do not cost any money apparently, they come with a bigger price like malware and stealing your sensitive information. Researchers from Trend Micro, a security firm, found that attackers spread fake installers on the internet and social media platforms like YouTube, but they have malware that steals your sensitive information but cannot be detected.

There are a lot of YouTube videos that give you cracked links of software you want but as soon as the user clicks on the link, it takes you to reputable file hosting sites like Mega.nz and Mediafire. But most of the time, the legitimate-looking software installer has malware in it and gets into the user’s system when they hit download. This malware is called infostealer which is designed to steal sensitive information from the system which has been infected. All types of sensitive information like your back accounts, personal data, credentials and other private information becomes easily accessible to attackers due to the malware and they can exploit your data for fraud and identity theft.

The researchers gave an example of software Autodesk Keygen which generates serial numbers. When a user searches for it on the web, many legitimate websites like OpenSea appear with a shortened link which directs the user to the malicious link.

Now the question arises how these malwares do not get detected. The answer is that many threat actors use reputable file hosting services that hide the origin of malware and many anti-virus programs are unable to detect it. Many malicious links are also 900MB or more in size with a password protection so the malware is unable to get detected. 

 Image: Trendmicro