These are the apps cybercriminals impersonate the most

Cybercriminals take every opportunity to steal money from their victims, resorting to all kinds of tricks. Some use malware that tries to infiltrate various devices through trickery, abusing the trust of users.

VirusTotal, a malware analysis platform belonging to Google Cloud and headquartered in Malaga, has published a study on the methods most used by attackers. To conduct the investigation, VirusTotal has analyzed millions of samples of suspected fraudulent software that its service detected between 2021 and so far in 2022.

According to the study, cybercriminals try to get their victims to trust them by using legitimate domains, stolen digital certificates, adding the malware to a program’s installation package, or disguising the malware as benign software.



The use of legitimate domains

By using legitimate domains, fraudsters evade protections such as firewalls that restrict certain IPs and domains. The most used is discordapp.com, and others are squarespace.com, amazonaws.com, mediafire.com, qq.com, fc2.com, baidu.com, live.com, and archive.org.

VirusTotal notes that 10% of the 1,000 most visited domains on the Internet (according to Alexa) distributed malware.

Stolen digital certificates

Some cybercriminals use stolen digital certificates to sign their rogue software, so that it appears to come from a legitimate source.

87% of the samples analyzed by VirusTotal have a valid digital signature.



Inserting the malware into the installer of a legitimate app

VirusTotal found more than 4,000 samples of malware packaged in installers of different programs, such as Google Chrome, Malwarebytes, Windows Update, Zoom, Brave, Firefox, ProtonVPN and Telegram.

These installation packages were downloaded from websites such as cloudfront.net, infocarnames.ru, hotaction.online, imgfarm.com, mediadownloader25, discordapp.com, amazonaws.com, yandex.net, winzipdriverupdater.com, and telegram-rus.ru.
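As a defender-side illustration of the two sections above (an added example, not code from VirusTotal or the original article), the check below flags proxy-log downloads whose file name mentions a well-known product but whose host is not that vendor's domain. The vendor-domain mapping, the function names and the sample URLs are assumptions constructed for this example.

```python
from urllib.parse import urlsplit

# Assumed mapping of product keyword -> vendor download domains.
# A defender would maintain this list from each vendor's documentation.
VENDOR_DOMAINS = {
    "chrome": {"google.com"},
    "zoom": {"zoom.us"},
    "firefox": {"mozilla.org", "mozilla.net"},
    "telegram": {"telegram.org"},
}
INSTALLER_EXTENSIONS = (".exe", ".msi", ".dmg", ".pkg")


def host_matches(host, domain):
    """True only for the domain itself or a real subdomain (not 'notzoom.us')."""
    return host == domain or host.endswith("." + domain)


def flag_download(url):
    """Return the product keyword if the URL looks like that product's
    installer served from a non-vendor host, otherwise None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if not filename.endswith(INSTALLER_EXTENSIONS):
        return None
    for product, domains in VENDOR_DOMAINS.items():
        if product in filename and not any(host_matches(host, d) for d in domains):
            return product
    return None


def scan(urls):
    """Return (url, product) pairs for every suspicious download."""
    return [(u, p) for u in urls if (p := flag_download(u)) is not None]


# Constructed sample log entries; the paths are invented for illustration.
SAMPLE_URLS = [
    "https://dl.google.com/chrome/install/ChromeSetup.exe",
    "https://cdn.discordapp.com/attachments/1/2/ChromeSetup.exe",
    "https://constructed-bucket.s3.amazonaws.com/ZoomInstaller.msi",
    "https://telegram-rus.ru/files/telegram_setup.exe",
    "https://zoom.us/client/latest/ZoomInstaller.exe",
]

if __name__ == "__main__":
    for url, product in scan(SAMPLE_URLS):
        print(f"review: '{product}' installer from non-vendor host -> {url}")
```

A hit is a prompt for review rather than a verdict: a valid signature or a popular hosting domain does not clear the file, so the installer's hash and signer should still be checked against the vendor's published values.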

Supposedly legitimate apps that are malware

Other cybercriminals directly impersonate an application known to users to introduce Trojans to their devices. Some of the most imitated platforms are Skype (28%), Adobe Acrobat (18.2%), VLC (17.6%), 7zip (11.5%), TeamViewer (7.5%), CCleaner (5.6%), Microsoft Edge (2.5%), Steam (23%), Zoom (1.8%) and WhatsApp (0.8%).
