Jump to content
  • Malicious KMSPico Windows Activator Stealing Users' Cryptocurrency Wallets

    aum

    • 772 views
    • 2 minutes
     Share


    • 772 views
    • 2 minutes

    Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets.

     

    The malware, dubbed "CryptBot," is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit cards, and capturing screenshots from the infected systems. Deployed via cracked software, the latest attack involves the malware masquerading as KMSPico.

     

    KMSPico is an unofficial tool that's used to illicitly activate the full features of pirated copies of software such as Microsoft Windows and Office products without actually owning a license key.

     

    AVvXsEgCZp4WBbNG7worLyLO41CP2w7Yhz7MHgLt

    "The user becomes infected by clicking one of the malicious links and downloading either KMSPico, Cryptbot, or another malware without KMSPico," Red Canary researcher Tony Lambert said in a report published last week. "The adversaries install KMSPico also, because that is what the victim expects to happen, while simultaneously deploying Cryptbot behind the scenes."

     

    The American cybersecurity firm said it also observed several IT departments using illegitimate software instead of legitimate Microsoft licenses to activate systems, adding the altered KMSpico installers are distributed via a number of websites that claim to be offering the "official" version of the activator.

     

    This is far from the first time cracked software has emerged as a conduit for deploying malware. In June 2021, Czech cybersecurity software company Avast disclosed a campaign dubbed "Crackonosh" that involved distributing illegal copies of popular software to illegally abuse the compromised machines to mine cryptocurrency, netting the attacker over $2 million in profits.

     

    Source

     

    Also: Beware: Fake KMSPico Windows activator carries crypto wallet info stealing malware.


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...