Malicious software has found a dangerous new method to infect users’ computers without them noticing a thing. These Trojans and backdoor malware can now clandestinely infect PCs, without any notable indicators, through bogus website security updates.

The new phishing technique reported by Kaspersky has to do with the security certificates issued by Certificate Authorities, which exist to boost online security by vouching for a website's identity and enabling encrypted communication between a browser and a server. These certificates are common in e-commerce and aim to establish trust in a domain. A substantial number of different websites have recently been compromised by two new nefarious programs called Mokes and Buerak.

When a user visits a compromised domain, they are met with a screen informing them that their security certificate is out of date, and they are prompted to install a certificate update to continue. The prompt, however, is not native to the original domain. It is an iframe: an HTML document embedded inside another HTML document on the website. Imagine a popup made to be the same size as the webpage, which makes it indistinguishable from anything around it (because it leaves no room for anything to be around it). This tactic adds to the disguise because the URL bar still shows the website you meant to visit in the first place.
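For site owners checking their own pages, the overlay described above can be detected by looking for iframes that cover nearly the whole viewport while loading from a different origin than the page in the URL bar. The following is an added example, not code from Kaspersky or from this article; the function names, the 0.9 coverage threshold and the sample URLs are assumptions made for illustration.

```javascript
// Added example: flag iframes that cover (almost) the whole viewport and load
// from a different origin than the page shown in the URL bar.
// The 0.9 coverage threshold is an assumption, not a value from the article.
const COVERAGE_THRESHOLD = 0.9;

// Fraction of the viewport hidden behind a rectangle {left, top, width, height}.
function viewportCoverage(rect, viewport) {
  const w = Math.min(rect.left + rect.width, viewport.width) - Math.max(rect.left, 0);
  const h = Math.min(rect.top + rect.height, viewport.height) - Math.max(rect.top, 0);
  if (w <= 0 || h <= 0) return 0;
  return (w * h) / (viewport.width * viewport.height);
}

// frames: [{ src, rect }]; returns the frames that look like a full-page overlay.
function findOverlayFrames(pageUrl, viewport, frames) {
  const pageOrigin = new URL(pageUrl).origin;
  return frames.filter((frame) => {
    let frameOrigin;
    try {
      frameOrigin = new URL(frame.src, pageUrl).origin; // resolves relative src
    } catch {
      return false; // unparsable src: nothing to compare
    }
    return frameOrigin !== pageOrigin &&
      viewportCoverage(frame.rect, viewport) >= COVERAGE_THRESHOLD;
  });
}

// In a browser, collect the live iframes and run the check on the current page.
function scanCurrentPage() {
  const viewport = { width: window.innerWidth, height: window.innerHeight };
  const frames = [...document.querySelectorAll("iframe")].map((el) => {
    const r = el.getBoundingClientRect();
    return { src: el.src, rect: { left: r.left, top: r.top, width: r.width, height: r.height } };
  });
  return findOverlayFrames(location.href, viewport, frames);
}

// Constructed sample data (not taken from any real site).
const SAMPLE_VIEWPORT = { width: 1280, height: 720 };
const SAMPLE_FRAMES = [
  { src: "https://cdn.example.net/notice.html", rect: { left: 0, top: 0, width: 1280, height: 720 } },
  { src: "https://video.example.org/embed/1", rect: { left: 100, top: 200, width: 560, height: 315 } },
  { src: "/help/widget.html", rect: { left: 0, top: 0, width: 1280, height: 720 } },
];
```

Only the first sample frame is flagged: the video embed is cross-origin but small, and the help widget fills the page but is same-origin. Iframes built with `srcdoc` or an empty `src` resolve to the page's own origin here and need a separate check.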

Those unfortunate enough to be swindled by the hoax will have installed Mokes or Buerak on their device, where the two programs use different strategies to exploit infected computers. Buerak will corrupt and steal content on the PC, executing its own ransomware code or siphoning valuable information. Mokes has similar objectives but is far more sophisticated: it is able to take screenshots and record audio while also installing several backdoors for a more tenacious attack.

Although knowing the adversary goes a long way in protecting yourself from this dangerous malware, one can never be too safe. Employing antivirus and antimalware software while also avoiding shady sites altogether is pivotal in keeping your computer healthy. Kaspersky is unsure how much profit these viruses have generated since they began circulating.


Copyright © 2015 - 2020 GPD Host All right reserved.