Vulnerability Management, Malware

Popular applications increasingly impersonated in social engineering attacks

The Hacker News reports that threat actors have increasingly impersonated legitimate applications, including Adobe Reader, Skype, and VLC Player, in social engineering attacks. Attackers have also been spoofing Microsoft Edge, WhatsApp, Zoom, Steam, CCleaner, 7-Zip, and TeamViewer, according to a VirusTotal analysis. "One of the simplest social engineering tricks we've seen involves making a malware sample seem a legitimate program. The icon of these programs is a critical feature used to convince victims that these programs are legitimate," said VirusTotal. Malicious actors have also been exploiting legitimate domains to evade IP-based security protections, as well as misusing the Discord and Telegram platforms for malware hosting and attacker communications, respectively. "When thinking about these techniques as a whole, one could conclude that there are both opportunistic factors for the attackers to abuse (like stolen certificates) in the short and mid term, and routinely (most likely) automated procedures where attackers aim to visually replicate applications in different ways," said researchers.
