New MosaicLoader malware targets software pirates via online ads


An ongoing worldwide campaign is pushing new malware called MosaicLoader through advertising disguised as cracked software in search engine results, to infect would-be software pirates’ systems.

MosaicLoader is a malware downloader designed by its creators to deploy more second-stage payloads on infected systems, as Bitdefender researchers revealed in a report published today and shared with BleepingComputer recently.

“We named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering,” Janos Gergo Szeles, Senior Security Researcher at Bitdefender, said.

During their investigation, Bitdefender found that the MosaicLoader threat actors used the following tactics to hinder researchers’ malware analysis efforts and to increase their attacks’ success rate:

  • Mimicking file information that resembles legitimate software
  • Code obfuscation with small chunks and shuffled execution order
  • Payload delivery mechanism infecting the victim with several malware strains

The researcher added that the campaign does not target a specific region. Because of its online advertising lures, it will try to infect any search engine users looking to download and install cracked software installers on their devices.

MosaicLoader campaign distribution (Bitdefender)

The attackers disguise their droppers as executables belonging to legitimate software, using similar icons and including information such as company names and descriptions within the files’ metadata to pass superficial inspection.
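
One way to check for the metadata mimicry described above, as an added PowerShell example that is not from the article or Bitdefender's report: it flags executables whose version-info metadata names a vendor that the Authenticode signature does not back up. The scan path and the name-matching heuristic are assumptions.

```powershell
# Added example (not from the article or Bitdefender's report).
# Assumption: $ScanPath is where downloaded installers land on this host.
param([string]$ScanPath = (Join-Path $env:USERPROFILE 'Downloads'))

Get-ChildItem -LiteralPath $ScanPath -Filter *.exe -File -Recurse -ErrorAction SilentlyContinue |
ForEach-Object {
    $company = $_.VersionInfo.CompanyName
    # Files that claim no vendor are out of scope for this check.
    if ([string]::IsNullOrWhiteSpace($company)) { return }

    $sig    = Get-AuthenticodeSignature -LiteralPath $_.FullName
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    # Heuristic (assumption): the first word of the claimed company name
    # should appear in the signing certificate's subject.
    $token   = ($company.Trim() -split '\s+')[0]
    $matches = $signer.IndexOf($token, [StringComparison]::OrdinalIgnoreCase) -ge 0

    $reason = if ($sig.Status -eq 'NotSigned') {
        'claims a vendor but is unsigned'
    } elseif ($sig.Status -ne 'Valid') {
        "signature status is $($sig.Status)"
    } elseif (-not $matches) {
        'valid signature, but signer does not match claimed vendor'
    } else { $null }

    if ($reason) {
        # Emit one record per suspicious file, with a hash for later lookup.
        [pscustomobject]@{
            Path        = $_.FullName
            Company     = $company
            Description = $_.VersionInfo.FileDescription
            Signer      = $signer
            Reason      = $reason
            SHA256      = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    }
}
```

Hits are triage leads rather than verdicts, since plenty of legitimate small-vendor software ships unsigned.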

After being deployed on a victim’s system, MosaicLoader downloads additional malware ranging from cryptocurrency miners and cookie stealers to Remote Access Trojans (RATs) and backdoors using “a complex chain of processes.”

To add to the danger of getting your system infected with MosaicLoader, the threat actors (or their customers) can harvest sensitive information such as credentials from compromised systems using RATs and similar malware with data theft capabilities.

The stolen information can later be used to hijack victims’ online accounts and use them in identity theft scams or blackmail scams.

Bitdefender collected and analyzed several malware samples delivered by MosaicLoader via a malware sprayer that downloads further payloads from attacker-controlled domains hosting lists of URLs hosting malware (some of them are listed in the table embedded below).

Malware delivered by MosaicLoader (Bitdefender)

“The best way to defend against MosaicLoader is to avoid downloading cracked software from any source,” Szeles concluded.

“Besides being against the law, cybercriminals look to target and exploit users searching for illegal software.”

Additional technical details and indicators of compromise, including malware hashes and command-and-control infrastructure information, can be found at the end of Bitdefender’s whitepaper.
