SophosLabs researcher Andrew Brandt has discovered malware that identifies and blocks software pirates.
The Vigilante malware is installed when victims download and execute what are believed to be pirated software or games.
The malware reports the executed file name and the IP address of the victims' computers to a server controlled by the attackers, and attempts to modify the computers to prevent them from accessing as many as 1,000 pirate sites.
Brandt said, "It's really unusual to see something like this because there's normally just one motive behind most malware: stealing stuff."
Some of the trojans were found in software packages available on a Discord-hosted chat service, while others were disguised as popular games, productivity tools, and security products available through BitTorrent.
To disinfect their computers, users will need to edit their Hosts file.
From Ars Technica
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA