The security company Proofpoint has discovered a new form of malware that costs just $7 and can go undetected by anti-virus software.
After an in-depth analysis of the malware, Proofpoint explains that Ovidiy Stealer costs from 450 to 750 rubles (i.e. from 7 to 13 USD) and includes a precompiled executable file.
The company reports that the file is encrypted to "prevent analysis and detection," and while the infection can be detected by some antivirus solutions, it is flagged under a generic description that says little about the purpose of the malware.
Ovidiy Stealer usually spreads through executable email attachments, compressed executable attachments, and links to sites with cracks and keygens. In all cases, the included file is an executable file that contains the malicious software.
The malware targets many popular software solutions such as Google Chrome, the Opera browser, FileZilla and the Torch browser.
"We have noticed that versions from 1.0.1 to 1.0.5 are released. Ovidiy Stealer is written in .NET and most samples are packaged with either .NET Reactor or Confuser. During the run, the malware remains in the folder where it was installed and where it will start running all its processes. The strange thing is that there is no mechanism that restarts it during the reboot. So after the system is shut down the malware will stop running, but the folder will remain in the system," says Proofpoint.
Once it infects a machine, the malware uses SSL/TLS connections to communicate with a command and control server and searches for passwords in the applications mentioned above in order to deliver them to the hackers. It sends information such as the processor ID, the website with stored credentials, targeted applications, usernames and passwords.
Many updated samples of the malware have already been detected online, so updating the security software you use and always checking twice before downloading files from unreliable sources seem to be the two best ways to stay protected.