Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

TrueCrypt and WinRar Downloader’s Plant StrongPity Malware onto Compromised Computers


Kaspersky Lab has reported of one fresh malware dubbed StrongPity. It exists inside downloaders for TrueCrypt and WinRar and runs itself the moment the PC-operator loads it onto his system. While WinRar is one widely used compression program, TrueCrypt was at one time an encryption tool of open-source kind. StrongPity pretends to be the downloader for the said twin tools, while enables hackers to fully compromise their victims' machines when planted.

StrongPity assaults are launched chiefly within Belgium and Italy, says Kaspersky Lab, however, the malicious program has as well attacked people inside the Middle East, North Africa and Turkey. As far as WinRar is concerned, StrongPity gets delivered via fraudulent WinRar websites which have 2 letters transposed inside their URLs that mimic a genuine installer website. The web-link of the file associated with the fraudulent site subsequently gets provided to an authentic distributor site containing WinRar. Digitaltrends.com posted this dated October 10, 2016.

Luckily for distributors of WinRar, according to Kaspersky researchers, StrongPity is eliminated. The malware was apparently connected with their websites via false downloaders.

Right now, StrongPity attacks are occurring via TrueCrypt downloaders. The tool's development completed during May 2014 when life support mechanisms for Windows XP was withdrawn. Microsoft didn't require TrueCrypt any longer for, the company provided support for virtual disk graphics and encrypted disks inside Windows Vista as well as newer versions. Hence, all that TrueCrypt creator currently provides relates to the stages of its tool's migration to BitLocker format.

Kaspersky stated early this week that till September end, TrueCrypt installer remained prolific. Seemingly there's just a single fake TrueCrypt website serving the contaminated downloader whose height of activity was during May when its ninety percent of victims resided in Turkey.

It has also been determined that StrongPity attacks user's hard disk from where it steals his contact details, implying the malware has the ability to easily regain personal information from the victim's hard disk while strike on his communication session. Nonetheless, the security company is preparing to eliminate StrongPity from the contaminated online site that would hopefully make an end of such attacks.

» SPAMfighter News - 10/18/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next