• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

WinRar and TrueCrypt Installer Dropping Malware on Users’ PCs

October 11th, 2016 Owais Sultan Malware, Security 0 comments
WinRar and TrueCrypt Installer Dropping Malware on Users’ PCs
Share on FacebookShare on Twitter

Be careful when you download WinRar or TrueCrypt installer – Researchers have found several websites distributing malware infected files for both installers.

A recent report by Kaspersky Lab stated that a new malware known as StrongPity has been found in installers for WinRar and TrueCrypt that execute itself once the user installs it on their computer.

How does it work?

The Malware poses as a legitimate installer by manipulating the domain name. This allows it to get linked to the sites that distribute WinRar and TrueCrypt installer file. Once the user clicks on the download link, it drops the malware file. Once it is installed, the Malware takes control of the entire system

The victims up till now

The malware, according to Kaspersky Lab, has hit various countries in the European Region including countries like Italy, Belgium, and Turkey. The Middle East and Africa have also fallen prey to StrongPity.

TrueCrypt may be the biggest threat

Kaspersky researchers also revealed that fortunately for WinRar distributors, the malware has been removed. It was supposedly linked to their sites through fake installers.

winrar-and-truecrypt-found-installer-dropping-malware-user-pcs

One of the sites that were found distributing malware through Win RAR installer

However, one of the TrueCrypt distributors’ websites was still dropping the malware on victim’s devices. Although TrueCrypt’s development has long been halted since 2008 as Microsoft integrated support for encrypted virtual disks in its newer version of Windows following XP, the tool is still required to transfer the files from TrueCrypt to BitLocker format. The malware, through the distributor’s site, has made its way to Turkey affecting a considerable amount of users

winrar-and-truecrypt-found-installer-dropping-malware-user-pcs-2

TrueCrypt is not so Crypt

StrongPity can do more than just control

Upon further examination, it is discovered that StronPity has the ability to infiltrate a victim’s hard disk and also steal their contact information. This means the Malware can easily retrieve private data from your hard disk and also target users’ communication. Nevertheless, Kaspersky is on its way to remove the malware from the infected website and hopefully stop such infiltration.

  • Tags
  • Alert
  • Cyber Crime
  • hacking
  • internet
  • Malware
  • security
  • TROJAN
  • Windows
Facebook Twitter LinkedIn Pinterest
Previous article Researchers Send Secure Passwords Using the Human Body
Next article Unsecured MongoDB Database: 58M Business Firm Accounts Leaked
Owais Sultan

Owais Sultan

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

59
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

93
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

111

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us