\"\"
<\/span><\/figcaption><\/figure>New Delhi: Cybersecurity<\/a> researchers have found an interesting piece of malware that, instead of stealing passwords or to extort a computers owner for ransom, blocks infected users computers from being able to visit a large number of websites dedicated to software piracy. However, the malware appears murky.

Researchers at Sophos, a global leader in next-generation cybersecurity, have detailed a curious cyberattack campaign that targets users of pirated software with malware designed to block access to websites hosting pirated software.

The developers disguise the malware as cracked versions of popular online games such as
Minecraft<\/a> and Among Us, as well as productivity tool such as Microsoft Office<\/a>, security software and others.

The disguised malware is distributed via the
BitTorrent<\/a> platform from an account hosted on \"ThePirateBay\" digital file sharing website.

\"Links to the malware are also hosted on
Discord<\/a>. Once installed, the malware blocks the victim's access to a long list of websites, including many that distribute pirated software,\" the researchers said in a blog post.

The researchers were not able to discern a provenance for this malware.

\"But its motivation seemed pretty clear: It prevents people from visiting software piracy websites (if only temporarily), and sends the name of the pirated software the user was hoping to use to a website, which also delivers a secondary payload,\" they explained.

Andrew
Brandt<\/a>, principal threat researcher, Sophos, said: \"Sometimes it is easy to see clearly what an adversary's end game is and why they have chosen a particular approach to achieve it. This is not one of those times\".

On the face of it, the adversary's targets and tools suggest this could be some kind of anti-piracy vigilante operation.

\"However, the attacker's vast potential target audience -- from gamers to business professionals -- make the ultimate purpose of this operation a bit murky,\" Brandt cautioned.

At least some of the malware, disguised as pirated copies of a wide variety of software packages, was hosted on game chat service Discord.

Other copies, distributed through Bittorrent, were also named after popular games, productivity tools, and even security products, accompanied by additional files that make it appear to have originated with a well-known file sharing account on ThePirateBay.

In this malware case, the attackers use an age-old approach of modifying the HOSTS file settings on an infected device to \"localhost\" a long list of websites, thereby blocking the user's access to them.

The malicious files are compiled for 64-bit Windows 10 and then signed with bogus digital certificates that wouldn't pass more than a very rudimentary check.

\"Once downloaded and installed by a user, the malware hunts for files named 7686789678967896789678 and 412412512512512. If it finds them it stops any further launch of the attack,\" said Sophos researchers.

The malware also triggers a fake error message to appear when it runs, which asks people to re-install the software, they added.

<\/body>","next_sibling":[{"msid":83739095,"title":"Vodafone Idea names Sheena Joseph as VP of customer service for enterprise business","entity_type":"ARTICLE","link":"\/news\/vodafone-idea-names-sheena-joseph-as-vp-of-customer-service-for-enterprise-business\/83739095","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":83739225,"entity_type":"ARTICLE","title":"This malware prevents users from browsing pirated websites","synopsis":"The developers disguise the malware as cracked versions of popular online games such as Minecraft and Among Us, as well as productivity tool such as Microsoft Office, security software and others.","titleseo":"telecomnews\/this-malware-prevents-users-from-browsing-pirated-websites","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":214,"shares":0,"engagementtimems":878000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2021-06-22 11:41:08","lastupd":"2021-06-22 11:43:00","breadcrumbTags":["cybersecurity","microsoft office","Minecraft","Brandt","discord","BitTorrent","Internet"],"secinfo":{"seolocation":"telecomnews\/this-malware-prevents-users-from-browsing-pirated-websites"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2021-06-22" data-index="article_1">

这个恶意软件可以防止用户浏览盗版网站

开发商恶意软件伪装成流行的在线游戏的破解版本,如"我和我们中间以及生产力工具如Microsoft Office、安全软件等。

  • 更新在2021年6月22日凌晨43坚持
阅读: 100年行业专业人士
读者的形象读到100年行业专业人士
新德里消息:网络安全研究人员已经发现了一个有趣的的恶意软件,而不是窃取密码或勒索赎金的电脑老板,阻止感染用户电脑能够访问大量的网站致力于软件盗版。然而,恶意软件出现不明。

Sophos的研究员,一个全球领先的下一代网络安全,有详细的一个奇怪的网络攻击活动的目标用户的盗版软件和恶意软件设计屏蔽网站托管盗版软件。

开发商恶意软件伪装成破解版本的受欢迎的在线游戏等"我在我们中间,以及生产力工具等微软办公软件、安全软件等。

广告
分布式通过伪装的恶意软件bt平台从一个帐户托管在“海盗湾”数字文件共享网站。

“链接到恶意软件也驻留在不和。一旦安装完毕,恶意软件块受害者的一长串的网站,包括许多分发盗版软件,”研究人员在一篇博客文章中说。

研究人员不能辨别这个恶意软件的来源。

”,但它的动机似乎很清楚:它阻止人们访问软件盗版网站(如果只是暂时的),并发送的名字盗版软件用户希望使用一个网站,也提供了一个二级负荷,”他们解释说。

安德鲁布兰德首席研究员,威胁Sophos表示:“有时很容易看清楚敌人的游戏是什么,为什么他们选择一个特定的方法来实现它。这不是一次”。

从表面上看,敌人的目标和工具提示这可能是某种反盗版治安维持会成员操作。

“然而,攻击者的巨大潜力的目标受众——从玩家商业人士——使这个操作的最终目的有点阴暗,”布兰德警告。

至少一些恶意软件,伪装成盗版的各种各样的软件包,是托管在游戏聊天服务不和谐。

广告
其他副本,通过Bittorrent,也受欢迎的游戏的名字命名,生产力工具,甚至是安全产品,伴随着附加文件使它似乎起源于著名的海盗湾文件共享帐户。

在这个恶意软件的情况下,攻击者使用一个古老的方法修改主机文件设置在一个受感染的设备“localhost”一长串的网站,从而阻止用户的访问。

恶意文件编译64位Windows 10然后用伪造的签名数字证书,不会通过一个非常基本的检查。

“一旦由用户下载并安装,恶意软件寻找文件命名为7686789678967896789678和7686789678967896789678。如果发现它停止任何进一步发动的袭击,“Sophos的研究人员说。

恶意软件也触发虚假错误信息出现当它运行时,要求人们重新安装软件,他们补充说。

  • 发表在2021年6月22日上午他们坚持
是第一个发表评论。
现在评论

加入2 m +行业专业人士的社区

订阅我们的通讯最新见解与分析。乐动扑克

下载ETTelec乐动娱乐招聘om应用

  • 得到实时更新
  • 保存您最喜爱的文章
扫描下载应用程序
\"\"
<\/span><\/figcaption><\/figure>New Delhi: Cybersecurity<\/a> researchers have found an interesting piece of malware that, instead of stealing passwords or to extort a computers owner for ransom, blocks infected users computers from being able to visit a large number of websites dedicated to software piracy. However, the malware appears murky.

Researchers at Sophos, a global leader in next-generation cybersecurity, have detailed a curious cyberattack campaign that targets users of pirated software with malware designed to block access to websites hosting pirated software.

The developers disguise the malware as cracked versions of popular online games such as
Minecraft<\/a> and Among Us, as well as productivity tool such as Microsoft Office<\/a>, security software and others.

The disguised malware is distributed via the
BitTorrent<\/a> platform from an account hosted on \"ThePirateBay\" digital file sharing website.

\"Links to the malware are also hosted on
Discord<\/a>. Once installed, the malware blocks the victim's access to a long list of websites, including many that distribute pirated software,\" the researchers said in a blog post.

The researchers were not able to discern a provenance for this malware.

\"But its motivation seemed pretty clear: It prevents people from visiting software piracy websites (if only temporarily), and sends the name of the pirated software the user was hoping to use to a website, which also delivers a secondary payload,\" they explained.

Andrew
Brandt<\/a>, principal threat researcher, Sophos, said: \"Sometimes it is easy to see clearly what an adversary's end game is and why they have chosen a particular approach to achieve it. This is not one of those times\".

On the face of it, the adversary's targets and tools suggest this could be some kind of anti-piracy vigilante operation.

\"However, the attacker's vast potential target audience -- from gamers to business professionals -- make the ultimate purpose of this operation a bit murky,\" Brandt cautioned.

At least some of the malware, disguised as pirated copies of a wide variety of software packages, was hosted on game chat service Discord.

Other copies, distributed through Bittorrent, were also named after popular games, productivity tools, and even security products, accompanied by additional files that make it appear to have originated with a well-known file sharing account on ThePirateBay.

In this malware case, the attackers use an age-old approach of modifying the HOSTS file settings on an infected device to \"localhost\" a long list of websites, thereby blocking the user's access to them.

The malicious files are compiled for 64-bit Windows 10 and then signed with bogus digital certificates that wouldn't pass more than a very rudimentary check.

\"Once downloaded and installed by a user, the malware hunts for files named 7686789678967896789678 and 412412512512512. If it finds them it stops any further launch of the attack,\" said Sophos researchers.

The malware also triggers a fake error message to appear when it runs, which asks people to re-install the software, they added.

<\/body>","next_sibling":[{"msid":83739095,"title":"Vodafone Idea names Sheena Joseph as VP of customer service for enterprise business","entity_type":"ARTICLE","link":"\/news\/vodafone-idea-names-sheena-joseph-as-vp-of-customer-service-for-enterprise-business\/83739095","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":83739225,"entity_type":"ARTICLE","title":"This malware prevents users from browsing pirated websites","synopsis":"The developers disguise the malware as cracked versions of popular online games such as Minecraft and Among Us, as well as productivity tool such as Microsoft Office, security software and others.","titleseo":"telecomnews\/this-malware-prevents-users-from-browsing-pirated-websites","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":214,"shares":0,"engagementtimems":878000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2021-06-22 11:41:08","lastupd":"2021-06-22 11:43:00","breadcrumbTags":["cybersecurity","microsoft office","Minecraft","Brandt","discord","BitTorrent","Internet"],"secinfo":{"seolocation":"telecomnews\/this-malware-prevents-users-from-browsing-pirated-websites"}}" data-news_link="//www.iser-br.com/news/this-malware-prevents-users-from-browsing-pirated-websites/83739225">