Red Security
News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial

+--- Thread: News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial (/showthread.php?tid=1468)



Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial - Mr.Kurd - 04-08-2020

In The Name OF Allah
Al-Salam Alekum

[Image: zoom-scaled.jpeg]

Looks like it wasn't enough for Zoom, time to fake its installer xD
Quote: Researchers from Trend Micro have found cybercriminals targeting the Zoom app installer with a cryptominer. As revealed in their post, hackers have bundled the legit Zoom installer, available on unofficial websites, with Coinminer.


In brief, whenever a user attempts to download the Zoom app from a malicious third-party website, the malware reaches their device together with the installer. The bundled AutoIt compiled malware Trojan.Win32.MOOZ.THCCABO drops numerous files to the device, most of which carry Coinminer. The dropped files also include a task scheduler and the legit Zoom installer for version 4.4.0.0.

The malware gathers various details from the target device regarding the operating system, GPU, CPU, video controllers, and processors.

Furthermore, it also checks the system for the presence of Microsoft SmartScreen, Windows Defender, and some other popular antivirus solutions. It also attempts to evade detection by looking for other monitoring tools.

The Source
Wa Salam Alekum
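The post above describes a real installer being re-wrapped by an AutoIt-compiled dropper and served from unofficial sites. The wrapper cannot carry the vendor's code signature, so a basic defender-side check is to verify the Authenticode signature and signer before running anything downloaded. The following PowerShell function is an added example, not code from the post or from Trend Micro; the expected signer subject, the file path and the known-good hash are assumptions and should be taken from the vendor's own site.

```powershell
# Added example: refuse to run an installer unless its Authenticode signature
# is valid and the signer matches the expected publisher. Optionally also
# compare the SHA-256 hash against a value published by the vendor.
function Test-TrustedInstaller {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Assumed signer subject; confirm against a copy from the vendor's site.
        [string] $ExpectedSubject = 'CN=Zoom Video Communications, Inc.',
        # Optional known-good SHA-256 (placeholder, not a real value).
        [string] $ExpectedSha256 = ''
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "File not found: $Path"
        return $false
    }

    # A re-bundled installer (e.g. an AutoIt wrapper around the real setup)
    # is either unsigned or signed by someone other than the vendor.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        Write-Warning "Signature status for '$Path' is '$($sig.Status)'"
        return $false
    }
    $subject = $sig.SignerCertificate.Subject
    if ($subject -notlike "*$ExpectedSubject*") {
        Write-Warning "Unexpected signer: $subject"
        return $false
    }

    # Second, independent check: the hash must match the vendor's published one.
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256.ToUpperInvariant()) {
            Write-Warning "SHA-256 mismatch: got $actual"
            return $false
        }
    }
    return $true
}

# Usage (assumed path): only launch the installer if every check passes.
$installer = "$env:USERPROFILE\Downloads\ZoomInstaller.exe"
if (Test-TrustedInstaller -Path $installer) {
    Start-Process -FilePath $installer
} else {
    Write-Host "Installer failed verification; download it from the vendor's official site instead."
}
```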