Researchers have discovered a new malware campaign in the wild targeting Windows users by mimicking a cracked version of CCleaner. The campaign relies on legitimate channels, including Google Search results, to lure users. Once downloaded, the malware stealthily steals data and cryptocurrency details from the victim’s device.
Malware Poses As Cracked CCleaner App
Researchers from Avast have warned users about a severe malware campaign exploiting their CCleaner tool. The campaign, identified as “FakeCrack”, spreads a potent data-stealing trojan by impersonating pirated CCleaner app versions.
Since users are frequently interested in getting cracked versions of premium apps, such offers quickly attract their attention. Hence, malicious campaigns exploiting this aspect of public interest prove lucrative for the attackers.
Briefly, the attackers have set up various malicious sites offering pirated CCleaner versions. They even employed black hat SEO techniques to push those sites to top positions on Google SERPs, increasing the chances of those websites tricking users.
Upon visiting such a malicious link, the user reaches a seemingly legitimate hosting site like Mediafire.com after several redirects. This hosting site offers the file with the cracked version. Since the attackers abuse generally trusted file-sharing platforms in this campaign, victims are likely to download the malicious file. The attackers have also protected the file with passwords (which they openly advertise to the victims) to evade malware detection.
Once the malware reaches the target system, it gains persistence and executes malicious activities. These include stealing stored information and login credentials from browsers, stealing crypto wallet data, and scanning and extracting data from the clipboard.
Since all these activities happen in the background, the victims may seldom detect the malware infection. Hence, the attackers get ample time to continue stealing data and spreading the infection to other systems.
The researchers have shared the technical details of this campaign in a blog post.
Watch Out For FakeCrack
Installing cracked or pirated software versions is never recommended owing to the underlying security threats. Offering premium tools for free is one of the biggest attack vectors through which criminal hackers target innocent users. Therefore, users should always avoid downloading apps from untrusted or unofficial sources, even if it involves no money. Instead, users may try downloading open-source alternatives, which are often available at no cost, from official websites.
CCleaner is a legitimate Windows system cleaner utility that claims to help users with slow PC speeds. The app removes potentially unwanted apps and junk files, saving users the time of filtering out the extra stuff themselves. Since it’s popular among Windows users, criminals often abuse its name to lure users.