NullMixer is a nasty, brutal piece of malware that unleashes a vicious pack of gnarly infections that can wreck your PC, breach your privacy, and steal your hard-earned cash.
However, according to a new report from Kaspersky, NullMixer only targets piracy downloaders: web surfers who search for terms like “crack,” “keygen,” and “activators” on Google. Though the illegally downloaded programs may look legitimate (as ironic as that sounds), they are infection funnels in disguise that unleash absolute chaos on users’ PCs.
What’s NullMixer?
NullMixer is a malicious dropper designed to deliver a group of malware programs to victims’ computers. The infections launched on targets’ PCs span 21 malware families, give or take. Yes, you read that correctly: that is nearly two dozen!
For the sake of brevity, we won’t dive into all of them, but here are some of the most frightening malicious programs:
- RedLine Stealer – snatches private credentials, credit card details and digital assets from cryptocurrency wallets
- PseudoManuscrypt – spies on victims by stealing their browser cookies and steals cryptocurrencies by using the ClipBanker plugin
- Fabookie – targets Facebook users by hijacking their accounts and linked payment methods; malicious actors then use the stolen credentials to run ads from the compromised account
- Generic.ClipBanker – monitors the clipboard for cryptocurrency addresses and automatically replaces them with the perpetrator’s own crypto address (so victims unwittingly send their digital assets to malicious actors)
- GCleaner – a pay-per-install malicious loader that downloads unwanted apps, helping malicious actors profit from a pricing model that pays out rewards for every install
- Vidar – steals sensitive information, including passwords, saved credit cards, and more
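The clipboard substitution described for Generic.ClipBanker can be caught by comparing the address a user copied with the one that actually landed in the destination field before anything is sent. The sketch below is an added example, not code from the Kaspersky report; the function names are hypothetical and the address patterns are simplified assumptions.

```python
import re

# Simplified wallet address patterns (assumption of this example, not full validators).
ADDRESS_FORMATS = {
    "btc-legacy": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "btc-bech32": re.compile(r"^bc1[02-9ac-hj-np-z]{11,71}$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}


def address_format(text):
    """Return the name of the address format that text matches, or None."""
    value = text.strip()
    for name, pattern in ADDRESS_FORMATS.items():
        if pattern.match(value):
            return name
    return None


def check_paste(copied, pasted):
    """Classify the difference between the copied value and the pasted value.

    Returns "ok", "address-swapped" (one wallet address replaced by a
    different one, the clipper pattern) or "changed" (any other difference).
    """
    src, dst = copied.strip(), pasted.strip()
    if src == dst:
        return "ok"
    src_fmt, dst_fmt = address_format(src), address_format(dst)
    # Ethereum addresses are case-insensitive apart from the optional checksum casing.
    if src_fmt == "eth" and dst_fmt == "eth" and src.lower() == dst.lower():
        return "ok"
    if src_fmt and dst_fmt:
        return "address-swapped"
    return "changed"


if __name__ == "__main__":
    # Constructed sample values, not real wallet addresses.
    intended = "1" + "A" * 33
    in_field = "1" + "B" * 33
    print(check_paste(intended, in_field))
```
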
Malicious actors use SEO to ensure that their NullMixer-filled downloads stay at the top of search engine results for terms like “cracked,” “keygen,” and “activators,” making it easy for victims to stumble into their traps.
“When users attempt to download software from one of these sites, they’re redirected multiple times, and end up on a page containing the download instructions and archived password-protected malware masquerading as the desired piece of software,” the Kaspersky report said.
The Kaspersky investigators said they were unable to attribute NullMixer to a specific group, but the cybersecurity firm says that since the beginning of the year it has blocked infection attempts for nearly 50,000 potential victims worldwide.