Researchers claim more than 500,000 PCs have been left wriggling with malware after a cracked app went on to retrieve further nasties from Bitbucket repos.
Security company Cybereason has studied a campaign to deliver “an arsenal of malware” including credential stealers, cryptocurrency miners, ransomware and crypto-coin pinchers.
“It is also able to take pictures using the camera [and] take screenshots,” wrote researchers Lior Rochberger and Assaf Dahan.
How this stuff was managed and coordinated without bringing the user’s machine to a standstill is not specifically mentioned, but the duo added that “the combination of so many different types of malware exfiltrating so many different types of data can leave organisations unworkable”.
Users generally start their journey to hell, according to the paper, by “downloading a cracked version of commercial software like Adobe Photoshop, Microsoft Office, and others”. There is an insatiable appetite for free versions of expensive software, it seems, and search engines are happy to help. We searched Bing for “Download Adobe” and right at the top of the page were videos with guides to illegal downloads; no, we did not test these for malware, but it would not be surprising if they came with some unwanted extras.
Source - https://www.theregister.co.uk/AMP/2020/02/06/500k_pcs_infected_with_malware_delivered_via_cracked_commercial_software_and_bitbucket_repositories/