Installing a cracked software? You might want to read this

For many, cracked/pirated software can be convenient way to get a reputed software for free, but it can invite many security risks that people are unaware of.???

In this edition of the Journal, we will see how cybercriminals steal personal and financial information by disguising malware as cracked software.??

How can installing a crack software invite malware??

A lot of people go to YouTube to search for tutorial videos for software or learn a way to download a cracked version of software for free.??

Cybercriminals leverage this to deliver malware through malicious links. ?These links comprise malicious software tailored to steal their sensitive personal and financial data. Hackers mask malicious software (mostly infostealers) behind cracked/pirated copies of popular software.??

An infostealer is a malware created for the sole purpose of stealing information that can be used for multiple malicious reasons, from carrying out credit card fraud and identity theft to purchasing contrabands from the dark web. ?It is one of the potent reasons to avoid downloading cracked/pirated software.??

How do cybercriminals lure their victims?

There is a common way through which a cybercriminal traps their victims. They post a comment on a YouTube video or GitHub discussion board. For example: “Complete Adobe Photoshop Tutorial! Free Crack Download 2024”.

They know that anyone who has stumbled upon a video on YouTube with a similar title will check for other cracks available for the same software.??

Cybercriminals often put tutorials to make the links seem more genuine and trustworthy. Upon clicking the link, the user is redirected to another comment (on YouTube, social media, or platforms like GitHub) with a link to download the crack.??

These links can also redirect to malicious sites made by cybercriminals to steal information or unload malware to their target’s system. ???

Now you must be thinking “How does the malware go undetected by their target?” Attackers use various methods to deceive their target’s defenses. Let us explore them!?

How cybercriminals deceive their target’s defenses?

Cybercriminals use reputable file hosting services like MediaFire and mega.nz to hide the origin of the malware, making it difficult to detect and remove the malware. These malicious files are often encoded and password protected to prevent early detection.??

The following are some other methods through which cyber criminals deceive their target’s defenses:?

• They use a technique called DLL side-loading where they execute a malicious code by loading a malicious DLL file on a legitimate application.??

• Using large-sized installer files??

• Connecting malicious files and links to legitimate websites??

• Renaming file names to seem genuine?

What are some best practices against such threats??

There are some preventive measures and security best practices that the organization must adopt to prevent and reduce the risk of such threats:?

• Consider a multi-layered approach to security that encompasses networks, endpoints, and identities.?

• Measure and address awareness gaps in your organization regarding such threats and the best practices to prevent them.?

Take assistance from cybersecurity experts to:?

• Establish a round the clock monitoring of the infrastructure and ensure regular threat hunting against the latest threats??

• Perform threat hunting on a regular basis and??

• Plan and prepare a detailed incident response plan.??

To summarize

Cybercriminals use infostealer malware masked as cracked software to steal personal and financial information from their targets. They lure their targets in the name of tutorials and free downloads of cracked versions of software and use other malicious techniques to be successful in their attempts to steal information and data for carrying out identity theft, fraud, and other malicious activities.?