The greedy loses twice, they say. Some owners of pirated Windows will remember this aphorism for sure.
Let’s be honest, most people who use pirated software do it for purely pragmatic reasons, hoping to save money. This time, however, the unlucky ones not only did not avoid the expense, but on the contrary – they faced even greater costs than if they went to the store to purchase the required licenses as standard.
KMSPico, one of the world’s most popular activation of pirated software Microsoft has been (and still is) used for an indefinite period of time to distribute Cryptbot malware, reports security researcher Tony Lambert of Red Canary. Figuratively speaking, by downloading the activator, countless people have treated themselves to a very dangerous Trojan.
Let us emphasize very dangerous. Cryptbot can because extract all sensitive data from the most popular browsers such as Chrome, Opera or Vivaldi, with passwords and logins at the forefront. Thus, it allows, for example, to gain access to someone else’s transaction service at the bank, and in addition, it also effectively cleans cryptocurrency wallets.
The number of casualties is difficult to estimate, but Lambert notes that at some point they both most popular links to KMSPico on Google led to malware. He adds that there are certainly companies on the list of victims, because the researcher is said to know that IT departments can use an activator instead of a legal path just to save some time.
Notably, it is not the first time that pirate software has become an attack vector in recent times. In June 2021, Avast described the campaign called Crackonoshin which criminals distributed cracked copies of popular software, equipped with an unwanted addition in the form of a cryptocurrency excavator. It was established that they then earned over $ 2 million.
Photo Source: Shutterstock (Cherries)
Text Source: Red Canary, ed. own