News Security

Hackers target Windows pirates with Cryptobot malware

hacker

Cryptobot, a cryptocurrency malware that steals wallet and account credentials, is now using the popular pirated Windows activation tool KMSPico to carry its way into the systems.

KMSPico tricks Windows Key Management Services into authenticating your copy of Windows as genuine. It also works with editions of Microsoft Office.

When a user downloads the infected software, Cryptobot is silently installed using background processes. Once in the system, Cryptobot starts collecting crypto wallet credentials and account details.

According to Red Canary, threat actors are targeting the “pirate community” by infecting the activation tool with Cryptobot. Red Canary’s Tony Lambert also stated that it is observed that several IT departments are using KMSPico instead of legitimate Microsoft licenses to activate systems.

Cryptobot also tries to steal information from Google Chrome, Mozilla Firefox, Opera, Brave, and Vivaldi web browsers and the CCleaner system management tool, which makes it clear that crypto enthusiasts are high-value targets.

Related posts

Zendesk Expands Sunshine CRM Platform to Deliver Complete View of the Customer

Admin

Airtel rolls out “5G for Business” to demonstrate 5G use cases for enterprises

Admin

Infopercept launches a solution to address gaps in Cybersecurity Leadership

Admin

Leave a Comment