South Korean TV fans could encounter malware spread through torrent sites

South Korean television fans are advised to remain watchful of online campaign still active and disseminating malicious software through torrent websites, with the malware disguised as South Korean television programs and feature films. Reportedly, the malware facilitates in converting the compromised PC into a bot so the attacker can control the computer from remote.

A press release on July 8, 2019 states that the malicious software has been dubbed Win64/GoBot2 a modified version of GoBotKR. Further, the perpetrators of GoBotKR have been found assembling a botnet for carrying out different kinds of DDoS attacks, the press release mentions.

According to Zuzana Hromcova security researcher at ESET, the attackers propagating the campaign attempt at duping end-users into running the malicious software after booby-trapping the torrent websites' matter with harmful files having misleading icons, extensions and filenames. While straight away clicking on MP4 which is the file supposed to be opened doesn't lead to any malevolent action, however, because the file hides inside some other directory, a copycat file is what end-users are likely to encounter, Hromcova elaborates. www.infosecurity-magazine.com posted this, July 8, 2019.

ESET explains that the malware has been modified fromGoBot2 a backdoor already familiar in the cyber world. It's straightforward whose majority features are executed via using GoLang libraries, as also via running 3rd-party utilities namely uTorrent and BitTorrent clients, and Windows commands.

The researchers say the botnet both its original as well as modified editions have been written in Go language also called GoLang. Whilst GoLang-based malware are somewhat rare, fresh editions are, nevertheless, emerging possibly because of the difficulties they pose for security experts via their executables compiled in bulk.

Evidently, the modifications are customized forms of the malicious software to target a particular audience, even as the attackers make extra effort for staying under the radar.

Malware disseminated through pirated content is a relatively long time approach of cyber-criminals. It's therefore advisable that for avoiding similar assaults users should browse only authorized sources of downloads. Thereafter, prior to running the downloaded files, their extensions must be checked if they correspond with the intended kinds of files. Finally, computers must be regularly patched.

» SPAMfighter News - 7/18/2019