The VirusTotal service has just published a report on the latest trends in malware. Alexa, Adobe Acrobat, VLC or even Skype are among the software most targeted by hackers.
Based in Malaga in Spain, VirusTotal belongs to the giant Alphabet. It’s even Google Cloud’s threat detection tool. The service, which has its own dedicated search engine for malware samples, domains and hacker behavior patterns, unveiled a report a few days ago aimed at providing professionals, researchers and the general public with a state of threats. in the world when it comes to malware.
Skype, Adobe Acrobat and VLC, trio of software most imitated by hackers
The least we can say is that hackers do not offer themselves any rest, and that some of the most widely used software in the world remain prime targets for tricking users. VirusTotal first evokes the example of Amazon’s famous personal assistant. We thus learn that 10% of the first 1,000 Alexa domains have spread suspicious samples: VirusTotal speaks of 2.5 million suspicious files downloaded from 101 domains alone.
Above all, VirusTotal has seen a continuous increase in the number of malware that visually mimics legitimate applications. Skype, once king of videoconferencing, is thus the software most used by hackers to carry out malicious operations.
The communication program is slightly ahead of the famous Adobe Acrobat, which PDF enthusiasts know well, and the iconic VLC, a French media player still in massive demand today.
Hackers Hide Pieces of Malicious Code in Legit Software
Other well-known software is also cited by VirusTotal as being among the most imitated for distributing malware. This is particularly the case with CCleaner, WhatsApp, Steam, Zoom, the anti-malware tool Malwarebytes (which is more surprising) and even the most famous browsers like Chrome or Firefox.
To justify the ever-increasing attacks, social engineering is king and one of the most effective techniques remains that of concealing a piece of malicious code in updates or other installation packages for legitimate software. As soon as the hacker has access to the official distribution server of the application, to its source code or to the certificates, we even switch to a supply chain attack.
In the process of imitation, the icon of the software is moreover ” an essential feature according to VirusTotal, to convince targeted users that the programs they are downloading are indeed legitimate.
Finally, the report also dwells on the Discord software, which would have several vulnerabilities in its CDN (Content Delivery Network), this group of servers which facilitates the rapid distribution of content on the Internet, such as images, videos, HTML pages, sheets style or JavaScript files. Discord’s CDN would be an ideal ground to host malware, according to cyber experts.
Source : VirusTotal
1