Research finds hackers spreading scam sites and fake apps

Research Reveals Hackers Circulate Fraudulent Sites and Fake Apps / Representative Image |

The next time you install a much talked about app on your device or visit a popular website, check the file name or URL carefully. Latest research revealed that Skype, Adobe Acrobat and VLC Player are the three most imitated apps by hackers, who create malware disguised as these apps.

Moreover, WhatsApp, Instagram and Amazon are the most spoofed websites created by hackers to distribute malware.

The revelations were made during a deep dive into malware distribution conducted by VirusTotal, a Google subsidiary that examines suspicious files, domains and websites for malware and other violations, and shares them with the cybersecurity community.

Over the past 16 years of operation, VirusTotal has scanned over two million malicious files per day from 232 countries around the world. He has recently observed an increase in “supply chain” attacks, where attackers have started to embed their malware into the sources of genuine and popular software widely used by people around the world.

According to VirusTotal’s research, attackers have increasingly started disguising their malware to look like legitimate applications and distributing it via common phishing methods. The three most imitated applications are Skype (28%), Adobe Acrobat (18.2%) and VLC player (17.6%). Other apps that come close include 7zip, TeamViewer, CCleaner, and Microsoft Edge.

All these applications are the first choice of users in their respective functions. In a similar analysis of legitimate websites spoofed to host malware, VirusTotal found that 23% of fake websites mimicked WhatsApp, 22.5% mimicked Instagram, and 13% were created to look like Amazon. All three websites are popular and come to mind first for messaging, social media, and online shopping.

“Supply chain attacks are worrisome, for good reason. The multiple techniques analyzed in this report can have a similar impact on victim defenses. Although they may appear less sophisticated than other forms of cyberattacks, they can be a differentiator for a successful social engineering attack or circumvent many existing security measures used by defenders,” VirusTotal said in its report.

The best defense in such cases is vigilance. It is always recommended to download the apps from legitimate app hosting platforms like Google Playstore. Any link or installation file shared via social networks, even if it comes from a known person, should always be treated with suspicion and ignored. Similarly, when looking for a website on a search engine, it is advisable to look carefully at the URL and check for the presence of an “https” tag, experts say.

(To receive our electronic document daily on WhatsApp, please click here. To receive it on Telegram, please click here. We allow sharing of the PDF of the document on WhatsApp and other social media platforms.)