Latest news with #SilentTrinity
Yahoo
28-05-2025
- General
- Yahoo
Don't Fall For It: Fake Bitdefender Site Will Infect Your PC With Malware
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing. A hacker is using interest in free antivirus software to spread a nasty malware infection to Windows PCs, according to security researchers. The malware is circulating through a fake Bitdefender website at bitdefender-download[.]co, which makes the domain appear legit. But in reality, the site will install three pieces of malware, warns the security provider DomainTools. The fake site seems to spoof all the elements found on the official site for Bitdefender's free antivirus program for Windows. However, the download link on the malicious site will deliver a ZIP archive that contains the malicious attack, which includes the so-called "VenomRAT," a remote access Trojan that can secretly harvest passwords and record keystrokes. In addition, the attack will install the StormKitty and SilentTrinity malware programs, which can also steal passwords, including details for cryptocurrency wallets, and maintain long-term access to the PC. 'The implications of long-term access may include repeat compromise or selling access,' DomainTools added. The security provider suspects the fake Bitdefender site was likely used in phishing attacks since the malicious domain overlapped with internet infrastructure hosting other fake sites impersonating banks and IT services. A security researcher on X/Twitter initially spotted the fake Bitdefender last week. In response, the antivirus company said: 'This website is not operated by Bitdefender or our partners, and we are working to have it taken offline. We do detect the file that it serves and also block access to the website.' Although the fake Bitdefender site remains up, Google's Chrome browser will flag the link to the free software as malicious, preventing users from downloading it.
Forbes
27-05-2025
- General
- Forbes
Microsoft Windows Warning—Do Not Install These Apps On Your PC
New warning as malware infects PCs A new warning has issued for Microsoft users, after a raft of websites were caught installing dangerous apps onto Windows PCs. The attackers used websites that mimicked popular brands to trick users into installing the apps that had been laced with malware designed to steal passwords and digital wallets. The warning comes courtesy of the security researchers at DomainTools, and there's a nasty sting in the tail with this one. Not only do victims put their passwords and wallets at risk, but the attackers have also been ' potentially selling access to their systems.' it all starts with a 'Download for Windows' button on a fake website. DomainTools says these apps actually pushed three different malware loads on victims: 'VenomRAT sneaks in, StormKitty grabs your passwords and digital wallet info, and SilentTrinity ensures the attacker can stay hidden and maintain control.' If You Get This Message On Your Phone It's An Attack Copied brands include Bitdefender, ironically, as well as various banks, including Royal Bank of Canada, and Microsoft's sign-in page. Another reason to follow the Windows-makers advice for its billion users, and ditch passwords for passkeys. Fake Bitdefender website with 'Download for Windows' button. Of the three installs, it's VenomRAT that does the real damage. The researchers say they 'tracked down the attackers' command centers, identified other malware they likely used, and uncovered their web of fake download sites and phishing traps spoofing as banks and online services,' to map the infrastructure behind these attacks. Microsoft Tells Nearly All Windows Users—You Must Reboot Your PC DomainTools says these attacks follow the recent trend for attackers to build malware from open-source components. 'This 'build-your-own-malware' approach makes these attacks more efficient, stealthy, and adaptable. While the open-source nature of these tools can help security experts spot them faster, the primary victims here are everyday internet users,' which means security hurdles are materially lower. Three key rules will help keep you safer: If you're on a website and see an app you want to download, go to your usual, official app store and download from there. If you need to use a company's website, access it through a normal search or app, not through any links in texts or emails.
