NullMixer Malware Spreads through Websites at the Top of Search Engine Results
Kaspersky researchers have discovered a new campaign spreading NullMixer, a malware that is actively distributed by cybercriminals through websites offering cracks, keygens and activators for downloading software illegally.
This malware steals users’ credentials, addresses, credit card data, cryptocurrencies, and even Facebook and Amazon accounts.
The Infection Chain of NullMixer Malware
NullMixer is a dropper leading to an infection chain of a huge number of malware families. It spreads through malicious websites that can be found primarily through search engines. These websites use SEO to stay at the top of search engine results.
“When customers try to download software from one of these sites, they are redirected multiple times, and end up on a web page containing the download instructions and archived password-protected malware masquerading as the desired piece of software,” says Kaspersky.
NullMixer drops a group of malware files onto the compromised machine. These malware families may include backdoors, bankers, credential stealers and many others. It can also download an unlimited number of Trojans at once, which can result in a large-scale infection of any computer network.
When the user clicks on the download link for the desired software, it redirects the user to another malicious website. It then redirects the user to a third-party IP address web page, which instructs the user to download a password-protected ZIP file from a file-sharing website.
After extracting the archived file with the password, the user runs the installer and executes the malware. The malware drops a huge number of malicious binaries to infect the machine with, such as backdoors, bankers, downloaders, adware and many others.
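A triage check a defender could run on downloaded archives that match the delivery pattern described above, a password-protected ZIP carrying an installer. This is an added example, not code from Kaspersky or the original article; the extension list and function names are assumptions, and the sample archives are constructed in memory.

```python
import io
import struct
import zipfile

# Extensions that run code when opened on Windows (assumed list for this example).
EXECUTABLE_EXTS = (".exe", ".scr", ".msi", ".bat", ".cmd", ".js", ".vbs", ".lnk")
ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flags: entry is encrypted


def triage_archive(data: bytes) -> dict:
    """List encrypted entries and flag the archive if any of them is executable."""
    encrypted, executables = [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # Traditional ZIP encryption hides file contents but not file names,
        # so the directory can be inspected without knowing the password.
        for info in zf.infolist():
            if info.flag_bits & ENCRYPTED_FLAG:
                encrypted.append(info.filename)
                if info.filename.lower().endswith(EXECUTABLE_EXTS):
                    executables.append(info.filename)
    return {
        "encrypted": encrypted,
        "encrypted_executables": executables,
        "suspicious": bool(executables),
    }


def build_sample(names, encrypt: bool) -> bytes:
    """Constructed input: a ZIP whose directory optionally marks entries encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"placeholder")
    raw = bytearray(buf.getvalue())
    if encrypt:
        # Set the encryption bit in every central-directory header (flags at offset 8).
        pos = raw.find(b"PK\x01\x02")
        while pos != -1:
            (flags,) = struct.unpack_from("<H", raw, pos + 8)
            struct.pack_into("<H", raw, pos + 8, flags | ENCRYPTED_FLAG)
            pos = raw.find(b"PK\x01\x02", pos + 4)
    return bytes(raw)


if __name__ == "__main__":
    sample = build_sample(["readme.txt", "Setup_Crack.exe"], encrypt=True)
    print(triage_archive(sample))
```

A hit means the archive's contents were shielded from content scanning in transit, so the extracted installer should be scanned or detonated in a sandbox before anyone runs it.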
Kaspersky security solutions have blocked attempts to infect more than 47,500 users worldwide. Some of the most targeted countries are Brazil, India, Russia, Italy, Germany, France, Egypt, Turkey and the United States.
Therefore, a single file downloaded from an unreliable source can result in a large-scale infection of a computer system. Researchers say a large share of the malware families dropped by NullMixer are classified as ‘Trojan-Downloaders’. The malware infections may not be limited to the malware families described in this report.
“This risk can always be avoided by using only licensed products and strong security solutions,” says Haim Zigel, security researcher at Kaspersky.
Source credit: cybersecuritynews.com