Research shows hackers proliferate spoof sites and fake apps / Representative Image |
The next time you install a much-discussed application on your device or visit a popular website, check the filename or URL carefully. Recent research has revealed that Skype, Adobe Acrobat, and VLC Player are the three most commonly cloned apps used by hackers who create malware disguised as these apps.
Additionally, WhatsApp, Instagram, and Amazon are the top fake websites created by hackers to distribute malware.
The revelations were made during a deep dive into the spread of malware conducted by VirusTotal, a Google subsidiary that scans suspicious files, domains and websites to detect malware and other breaches and shares them with the cybersecurity community.
For the last 16 years of its existence, VirusTotal has analyzed over two million malicious files from 232 countries around the world every day. Recently, an increase in “supply chain” attacks has been observed, where attackers have started to embed their malware into the sources of authentic and popular software widely used by people around the world.
According to VirusTotal research, attackers have increasingly begun to disguise their malware to look like legitimate apps and distribute it using common phishing methods. The three most frequently impersonated apps are Skype (28%), Adobe Acrobat (18.2%) and VLC Player (17.6%). Other apps that come close include 7zip, TeamViewer, CCleaner, and Microsoft Edge.
All these apps are the first choice for users in their respective functions. In a similar analysis of legitimate websites spoofed to host malware, VirusTotal found that 23% of the spoofed websites impersonated WhatsApp, 22.5% impersonated Instagram, and 13% were made to look like Amazon. All three sites are popular and come to mind first for messaging, social media, and online shopping.
“Supply chain attacks are a concern for good reason. The various techniques analyzed in this report can have similar effects on the victim’s defenses. Although they may appear less sophisticated than other forms of cyberattacks, they can be a differentiating factor in being successful in a socially engineered attack or bypassing many existing security measures used by defenders,” VirusTotal explained in its report.
The best defense in such cases is vigilance. It is always recommended to download apps from legitimate app hosting platforms like Google Playstore. Any links or installation files shared via social media should always be treated with suspicion and ignored, even if they come from a known person. Likewise, when searching for a website on a search engine, it’s a good idea to examine the URL closely and look for an “https” tag, experts say.
(To receive our daily e-paper on WhatsApp, please click here. To receive it on Telegram, please click here. We allow sharing the PDF of the paper on WhatsApp and other social media platforms.)