The Nightmare of Fake AnyDesk Sites and Data Theft
A cybersecurity researcher from SEKOIA has warned about a campaign that imitates popular brands to push users toward the Vidar information-stealing malware. The impersonated brands include AnyDesk, OBS, Blender, VLC, Slack, Dashlane, and more, and in every case the aim is to send users to a fake AnyDesk site.
The researcher, crep1x, published a Twitter thread highlighting more than 1300 domains redirecting to a malicious Dropbox folder. These domains imitate well-known software brands and lead to a fake AnyDesk site with an IP address of 185.149.120[.]9.
AnyDesk is a remote desktop application used to access a computer or system remotely. It has millions of users worldwide, so impersonating this popular company can mislead a large number of people and lead to data theft.
In October 2022, a similar cloned AnyDesk website was used by the operators of the Mitsu stealer to steal data.
Similarly, in the current campaign, the phishing sites were distributing a ZIP file called 'AnyDeskDownload.zip'. To users, it would look like a harmless download link for installing AnyDesk on their system.
However, instead of the AnyDesk software, the link downloads the Vidar stealer, information-stealing malware created in 2018.
The Vidar malware can seep into your system to steal browser history, personal information, passwords, financial data, banking information, and other sensitive data. It can also get hold of screenshots or credit card information. The hackers could misuse this data for other malicious activities like financial fraud and online impersonation.
If reports are to be believed, the campaign is still operating with a few active sites. However, some fake sites have been closed down. Dropbox is also aware of this misuse and has taken action to deal with the malicious links.
To protect yourself from such malware attacks, you should be wary of clicking on random websites and download applications only from verified sites.
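A defender-side check for the indicators named above, as an added example that is not from SEKOIA or the original post: it scans web proxy log lines for the fake site's IP address, the 'AnyDeskDownload.zip' lure served from a non-AnyDesk host, and hostnames that contain "anydesk" without belonging to anydesk.com. The log layout, the sample lines, and the assumption that anydesk.com is the only legitimate origin are constructed for illustration.

```python
from urllib.parse import urlsplit

# Indicators from the article (IP written without the [.] defanging).
FAKE_SITE_IP = "185.149.120.9"
LURE_FILENAME = "anydeskdownload.zip"
# Assumption: anydesk.com and its subdomains are the only legitimate origin.
OFFICIAL_DOMAIN = "anydesk.com"

# Constructed sample proxy log: timestamp, client IP, destination IP, URL.
# The hostnames under .example are invented for this illustration.
SAMPLE_LOG = """\
2023-01-10T09:12:01Z 10.0.0.5 203.0.113.10 https://anydesk.com/en/downloads
2023-01-10T09:13:44Z 10.0.0.7 185.149.120.9 http://anydesk-setup.example/
2023-01-10T09:13:50Z 10.0.0.7 198.51.100.20 https://files.example/s/abc/AnyDeskDownload.zip?dl=1
2023-01-10T09:15:02Z 10.0.0.9 203.0.113.10 https://download.anydesk.com/AnyDesk.exe
2023-01-10T09:16:30Z 10.0.0.9 198.51.100.7 https://anydesk.com.evil.example/get
"""

def is_official(host):
    """True only for anydesk.com itself or a real subdomain of it."""
    host = host.rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def classify(line):
    """Return the reasons one log line matches the campaign, if any."""
    fields = line.split()
    if len(fields) != 4:
        return []  # skip malformed lines rather than guess
    _ts, _client, dest_ip, url = fields
    try:
        parts = urlsplit(url)
    except ValueError:
        return []
    host = parts.hostname or ""  # hostname is already lower-cased
    reasons = []
    if dest_ip == FAKE_SITE_IP:
        reasons.append("dest-ip")
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if filename == LURE_FILENAME and not is_official(host):
        reasons.append("lure-zip")
    if "anydesk" in host and not is_official(host):
        reasons.append("lookalike-host")
    return reasons

def scan(log):
    """Return (client IP, reasons) for every matching line."""
    hits = [(line.split()[1], classify(line)) for line in log.splitlines()]
    return [(client, reasons) for client, reasons in hits if reasons]
```

A host such as anydesk.com.evil.example is flagged because the suffix comparison requires the name to end in anydesk.com, not merely contain it.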
References:
https://www.bleepingcomputer.com/news/security/over-1-300-fake-anydesk-sites-push-vidar-info-stealing-malware/
https://internationalfinance.com/fake-anydesk-sites-push-info-stealing-malware-vidar/