Hacked the forum of the software company IOBit

The IOBit forum was breached over the weekend. The purpose of the hack was to distribute DeroHE ransomware to forum visitors.


I'm not sure if there are people who are influenced by the readers of iGuRu.gr, as IOBit is not (at least for me) and such a remarkable company.

That's because IOBit offers tools for cleaning and Windows systems, registry cleaners, or malware cleaners. Windows tools that is, which are usually unnecessary, and in some cases even harmful.

But there are also who love IOBit tools.

So over the weekend, IOBit forum users received a supposedly special email. Forum members received emails υ που ισχυρίζονταν ότι προερχόταν από την IObit. Τα email πρόσφεραν δωρεάν άδειες 1 έτους για το λογισμικό τους σαν ειδικό προνόμιο για τη συμμετοχή τους στο φόρουμ. Φυσικά τα emails ήταν δόλωμα.
Whoever did on the Download Now button from the purported IOBit message was automatically redirected to:

hxxps: //forums.iobit.com/promo.html

From the above address the victims could download free-iobit-license-promo.zip.

The zip contained digitally signed files of the legal IObit License Manager program. However, the intruders had replaced the IObitUnlocker.dll file with a signed malicious application. Virustotal recognized her as a trojan. This file then downloaded the DeroHE ransomware to the victim's computer.

A few hours later, the victims' system was encrypted with ransomware DeroHE and displayed a nice alert that required 200 Crypto-Coins (about US $ 100) to decrypt. Bleeping Computer analyzed the malware a little more and describes it better its mode of operation.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).