It is only after a user clicks a malicious link, downloads the malware, and then launches it that NullMixer is deployed. But once the dropper infects a victim’s system, it deploys a whole bunch of bad malware, from spyware and adware to Trojans.
The multihyphenate malware threat lurks among websites promising licensed software workarounds and fake security key generators, according to Kaspersky, which just published a report on NullMixer.
The malicious domains appear legitimate to users because these sites have found their way up to the first page of the Google search rankings for keywords like “cracked software” and “keygen,” using advanced search engine optimization (SEO) tools, Kaspersky said. Unfortunately, it isn’t just home users at risk: due to the work-from-home phenomenon and people using personal devices for work purposes, the danger to companies from these kinds of threats is clear and present.
“NullMixer runs many instances of malware all at once, and more than half of them are malicious downloaders,” the Kaspersky report said. “That is, once launched, they plant some other thing (or more likely, things) in your system. As a result, instead of the program you want, you get a whole host of malware.”
Banking Trojans like DanaBot, a set of stealers including RedLine, and spyware and adware, notably the PseudoManuscrypt Trojan, are just a few of the types of malware the NullMixer dropper is carrying, the report explained.
“As we said at the beginning, downloading pirated software is always a risky business,” Kaspersky stressed in the NullMixer brief.