Fake Antivirus Software In 2024
ฝัง
- เผยแพร่เมื่อ 4 ต.ค. 2024
- Fake antivirus websites are a growing threat, deploying malware to steal sensitive information from Android and Windows devices.
This video shines a light on 1) "Fake Security Software" 2) Rogue Antivirus Programs 3) Phony Antivirus Alerts 4) Fraudulent Antivirus Downloads 5) Scam Antivirus Apps . And More.
These sites mimic legitimate antivirus brands, spreading malware like SpyNote, Lumma, and StealC.
The malware collects user data, grants extensive permissions, and can perform various malicious activities. This threat underscores the importance of downloading software only from trusted sources and being vigilant about cybersecurity.
Key Points
🔍 Fake Websites: Mimic Avast, Bitdefender, and Malwarebytes.
💻 Malware Types: Spread SpyNote trojan, Lumma stealer, StealC malware.
📈 Distribution: Use malvertising and SEO poisoning.
🔒 Permissions: Malware requests intrusive permissions.
🧑💻 User Data: Collects and exfiltrates sensitive information.
⚙️ Functionality: Can read SMS, call logs, track location, and mine cryptocurrency.
📦 Packaging: Delivered via APK files, ZIP, and RAR archives.
🚨 Security Advice: Download apps from trusted sources, scrutinize permissions.
🔧 Malware Evolution: Continuous development and new variants emerge.
📣 Awareness: Importance of staying informed about cybersecurity threats.
Fake Antivirus Sites: These sites mimic legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to distribute malware.
SpyNote Trojan: Delivered as an APK file from avast-securedownload[.]com, requesting intrusive permissions for extensive device control.
Lumma Stealer: Distributed from bitdefender-app[.]com as a ZIP file, targeting Windows systems to steal information.
StealC Malware: Found on malwarebytes[.]pro, delivered via a RAR archive to exfiltrate sensitive data.
Malicious Activities: Includes reading SMS, accessing call logs, tracking locations, taking screenshots, and mining cryptocurrency.
Malvertising & SEO Poisoning: Common techniques used to drive traffic to these fake websites.
Rogue Trellix Binary: Named "AMCoreDat.exe", used to drop stealer malware harvesting victim information.
Stealer Variants: Custom and sophisticated stealer malware like Acrid, SamsStealer, and ScarletStealer are part of these campaigns.
Mitigation Strategies: Emphasizes downloading software only from official sources and reviewing app permissions.
Continued Threat: Highlights the ongoing development and variety of stealer malware, underscoring the need for robust cybersecurity practices.
In The video we go into details about Scarletstealers Below a amazing report by Securelist.com
securelist.com...
The MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature From A Report By The thehackernews.com
thehackernews....
To provide some of the details reported on fake antivirus software
thehackernews....
We used references from Security Researcher
Gurumoorthi Ramanathan
/ gurumoorthiramanathan
www.trellix.co...
This Video was created by kelly Hector
/ @cybersecurityawarenes...
Kelly Hector On Linkedin
/ kelly-hector-digitalwo...
Kelly Hector Facebook
/ digitalworldvision
Kelly Hector On Tumblr
/ digitalworldvision
FREE VPN RISKS EXPOSED STUDY REVEALED
Read “FREE VPN VS PAID STUDY“ by Digitalworldvision.com/ SEO ARTICLES on Medium:
digitalworldvi...
WHY WEBSITE AUDITS ARE IMPORTANT IN CYBER SECURITY ? digitalworldvision.com/why-website-audits-are-important-in-cyber-security-b12b2787fb31
digitalworldvision.com/10-best-benefits-in-having-a-seo-audit-for-your-website-8143fc672