Cybercriminals take every opportunity to steal money from their victims, adopting all kinds of tricks. Some use malware that tries to infiltrate devices by abusing users' trust.
VirusTotal, a malware analysis platform linked to Google Cloud and headquartered in Malaga, has published a study on the methods most commonly used by attackers. For the study, VirusTotal analyzed millions of samples of suspected fraudulent software that its service detected between 2021 and 2022.
According to the study, cybercriminals try to gain their victims' trust by using legitimate domains, signing malware with stolen digital certificates, adding malware to a program's installation package, or disguising the malware as benign software.
Use of legitimate domains
By using legitimate domains, fraudsters bypass firewall-like defenses that restrict certain IPs and domains. The most used is discordapp.com; others are squarespace.com, amazonaws.com, mediafire.com, qq.com, fc2.com, baidu.com, live.com, and archive.org.
VirusTotal notes that, of the 1,000 most visited domains on the Internet (according to Alexa), 10% distribute malware.
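An added example, not taken from VirusTotal's study: because a domain allowlist passes traffic to these hosts, one defensive check is to flag executable or installer downloads from them in proxy logs. The log format, sample lines and extension list are constructed assumptions; the domain list is the one named above.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Domains the article names as abused to distribute malware.
ABUSED_DOMAINS = {
    "discordapp.com", "squarespace.com", "amazonaws.com", "mediafire.com",
    "qq.com", "fc2.com", "baidu.com", "live.com", "archive.org",
}
# Assumption: extensions treated as executable or installer content.
RISKY_EXT = {".exe", ".msi", ".dll", ".scr", ".bat", ".ps1", ".iso"}

# Constructed proxy log lines: timestamp, client IP, method, URL.
SAMPLE_LOG = [
    "2022-08-01T10:00:01Z 10.0.0.5 GET https://cdn.discordapp.com/attachments/0000/0000/setup.exe",
    "2022-08-01T10:00:07Z 10.0.0.5 GET https://example-bucket.s3.amazonaws.com/docs/report.pdf",
    "2022-08-01T10:01:12Z 10.0.0.9 GET https://example-bucket.s3.amazonaws.com/tools/Update%2Emsi?x=1",
    "2022-08-01T10:02:30Z 10.0.0.9 GET https://evil-discordapp.com.example/setup.exe",
]

def listed_parent(host):
    """Return the listed domain that host equals or is a subdomain of."""
    host = host.lower().rstrip(".")
    for domain in ABUSED_DOMAINS:
        # Match on a label boundary so a look-alike such as
        # evil-discordapp.com.example does not count as discordapp.com.
        if host == domain or host.endswith("." + domain):
            return domain
    return None

def triage(lines):
    """Return (client, domain, filename) for risky downloads from listed hosts."""
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        _ts, client, _method, url = fields
        parts = urlsplit(url)
        domain = listed_parent(parts.hostname or "")
        # Decode percent-escapes so "Update%2Emsi" is seen as "Update.msi".
        filename = posixpath.basename(unquote(parts.path))
        ext = posixpath.splitext(filename)[1].lower()
        if domain and ext in RISKY_EXT:
            findings.append((client, domain, filename))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A hit is a lead for review, not a verdict: these domains also serve legitimate installers, so the flagged file still needs hash or sandbox checks.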
Stolen digital certificates
Some cybercriminals use stolen digital certificates to sign their fake software. In this way, the software appears to come from a legitimate source.
87% of samples analyzed by VirusTotal have a valid digital signature.
Insert malware into the installer of a legitimate app
VirusTotal found more than 4,000 samples of malware packaged in installers of various programs, such as Google Chrome, Malwarebytes, Windows Update, Zoom, Brave, Firefox, ProtonVPN and Telegram.
These installation packages were downloaded from websites such as cloudfront.net, infocarnames.ru, hotaction.online, imgfarm.com, mediadownloader25, discordapp.com, amazonaws.com, yandex.net, winzipdriverupdater.com, and telegram-rus.ru.
Supposedly Legitimate Apps That Are Malware
Other cybercriminals directly impersonate an application known to users in order to introduce Trojans onto their devices. Some of the most imitated platforms are Skype (28%), Adobe Acrobat (18.2%), VLC (17.6%), 7-Zip (11.5%), TeamViewer (7.5%), CCleaner (5.6%), Microsoft Edge (2.5%), Steam (2.3%), Zoom (1.8%) and WhatsApp (0.8%).