Like most people, you have probably been spending more time at home, and you might have started remote working for the first time. Remote working has risen as the COVID-19 pandemic spreads around the globe, and video conferencing software has seen a huge increase in usage as people try to continue working and to stay in touch with friends and family during the lockdown.

Cyber Criminals Have Not Stopped

Not to be left in the dust, cyber criminals have of course adapted to this, showing once again that no matter what happens in the world they will try to take advantage of it. Security researchers have uncovered a campaign intended to trick users into installing malware by “bundling” it with Zoom software.

A lockdown or quarantine seems to be exactly what a cyber criminal wants. They don’t need to leave their home and they won’t arouse any suspicion by not leaving. At the same time, a lot of people who could become victims are online. A lockdown like the one we are in right now has left many criminals licking their chops.

Zoom

Zoom is one of the most affordable and easiest to use video conferencing tools available, and it is one of the most popular. That last part alone makes it a good target for cyber criminals, and they have responded by packaging downloads of Zoom software of their own. The downloads created by the criminals don’t come from Zoom’s website or any app store but from a third-party website. Victims are drawn to the downloads by a phishing campaign that sends out a malicious link to lure them into downloading the software.

The software package does include Zoom software, so the user will be getting what they wanted, but they will also be getting a whole lot more. Since the victim is getting what they want, they will give permission for everything to be installed on their computer. Installed alongside Zoom is a backdoor into the victim’s computer system that allows remote observation of anything that goes on, as well as a keylogger and the ability to record live streams and take screenshots. The malicious software is also designed to avoid detection.

A Common Form Of Attack

Bundling legitimate software with malicious software is a common form of cyber attack. Most people will see that they got what they wanted and won’t think twice about it. It’s almost a win/win, but it’s not a win for the victim. They might have their video conferencing software, but the criminal knows their passwords and can also extort their victim using their own meetings.

How Can You Avoid This?

In this case the giveaway that a victim is downloading Zoom software from a malicious site is that the Zoom software is out of date. The version of Zoom included is 4.6 but the most up to date version is 5.0. The criminals are betting that most people will not know that or even bother to look. 

How can you avoid something like this? The easiest way is to avoid downloading software from a link sent to you unless you are expecting it (like coming from your boss or someone like that). Instead it would be best to download any software directly from that company’s website or from a trusted source like an app store. You won’t get any bundles of software from those sources but in nearly every case you can do without that extra software anyway even when the bundles are legitimate.

As we spend more time on the Internet, and with remote working possibly becoming more of the norm, we need to be more conscious of our cyber security. Most people may be aware of it, but they do not think that it will happen to them. In this case, by getting the software from the actual website you can avoid a lot of hassle, and in the end you will get a better version of that software. So, just remember, don’t trust that link that appears out of the blue offering you a neat software package. Instead, go directly to the source. You will be better off.
