News Security

Hackers target Windows pirates with Cryptobot malware

hacker

Cryptobot, a cryptocurrency malware that steals wallet and account credentials, is now using the popular pirated Windows activation tool KMSPico to carry its way into the systems.

KMSPico tricks Windows Key Management Services into authenticating your copy of Windows as genuine. It also works with editions of Microsoft Office.

When a user downloads the infected software, Cryptobot is silently installed using background processes. Once in the system, Cryptobot starts collecting crypto wallet credentials and account details.

According to Red Canary, threat actors are targeting the “pirate community” by infecting the activation tool with Cryptobot. Red Canary’s Tony Lambert also stated that it is observed that several IT departments are using KMSPico instead of legitimate Microsoft licenses to activate systems.

Cryptobot also tries to steal information from Google Chrome, Mozilla Firefox, Opera, Brave, and Vivaldi web browsers and the CCleaner system management tool, which makes it clear that crypto enthusiasts are high-value targets.

Related posts

Windows 11 Review: Know How Microsoft’s Latest Operating System Is

Admin

Matrix SATATYA VISION

Admin

JFrog Collaborates with the Rust Foundation to Root-out Open Source Software Vulnerabilities

Admin

Leave a Comment

loader