Posted By Remote Techs On 13-May-2020
Are you working from home right now? If so, you’re certainly not alone. Tens of millions of people are doing the same, and there are untold millions around the world doing likewise.
Working from home presents a host of new challenges, not the least of which is finding ways of communicating face to face without violating social distancing rules.
For an increasing number of people, Zoom is becoming the communications tool of choice. That is a fact that hackers around the world are only too happy to exploit.
The simple truth is that Zoom has been found to have significant security risks, which the developers are working hard to address. Even if they succeed in their goal and make the communications platform more secure, hackers have already found a new inroad: They’re now offering fake Zoom downloaders that install a wide range of malware.
Researchers at TrendMicro have been tracking the issue and have found that the RevCode WebMonitor RAT is the current malware of choice for this most recent campaign.
The researchers stress that the poisoned downloaders aren’t coming from the download center on Zoom’s corporate site. Instead, they’re being loaded onto a large number of thinly disguised domains promising free tools, including Zoom. Given this reality, it’s important to pay close attention to exactly where the software you’re downloading is coming from. If you’re not getting it from a trusted source, there’s no telling what you might wind up installing on your phone or computer, in addition to the software you originally meant to acquire.
This is hardly a new tactic. Hackers have long relied on poisoned installers that deliver both legitimate software and quietly install a malicious payload in the background. These days though, the tactic is becoming more common than ever, so be on your guard against it. Be mindful of where you’re getting your downloads from.