"StrongPity" malware infects Windows users through legitimateinstallers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

First Spotify delivers malware through ads, now this.

https://tech.slashdot.org/story/16/1...ty-malware-inf
ects-users-through-legitimate-winrar-and-truecrypt-installers?utm_source
=feedburner&utm_medium=feed&utm_campaign=Feed%3A+S lashdot%2Fslashdot+%28
Slashdot%29

Kaspersky Labs has revealed a new strain of malware -- named
'StrongPity' which targets users looking for two popular applications
- - WinRaR and TrueCrypt. The malware contains components that not only
has the ability to give attackers complete control on the victim's
computer, but also steal disk contents and download other software
that the cybercriminals need. From a Neowin report:
To be able to gather victims, the attackers have built special fake
websites that supposedly host the two programs. One instance that was
discovered by the researchers is that the criminals transposed two
letters in a domain name, in order to fool the potential victim into
thinking that the program was a legitimate WinRAR installer website.

- --
Silver Slimer
Islam is a disease
Gab.AI: @silverslimer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJX/U0vAAoJEIwFfgf/rr+ua1wH/A+APk0dyNx5xeq85UfDDisI
vrtJSUJkl5smDHYTzTwKkO9p5wizmXT63OhWjKByfFWW+qnC47 imHjQ+FqtB+0Ki
rblckSWZ3yoZdwQSEMnIau6t76/hqMEvfsK/N9jHdV8CY3gdAYYUUQvysu37u0gm
OSGY+bp+EbAO91muqKEPdktiNTpIRJnHiPMGHUtBQG4h/ymLG8uJQcMS96xvwzhg
SYUZK5J30h5QXvaX7YPIVg7pwj5l4SqVFPzo1EkE+1ippw6Ykw JAjpYvLGbxdhSn
iCtyQ7RAr9ofnEBlna1UPfiYVMzJ3j9PjShe6pNheiy2J9XGNT UdTWofuW9hqXg=
=1w7Q
-----END PGP SIGNATURE-----

On 11 Oct 2016, Silver Slimer wrote:

Subject: "StrongPity" malware infects Windows users through legitimate installers

To be able to gather victims, the attackers have built special fake
websites that supposedly host the two programs.


They are not legitimate installers. They are fake installers from fake
websites. The subject line was a slimy shill.

Broom wrote this copyrighted missive and expects royalties:

On 11 Oct 2016, Silver Slimer wrote:

Subject: "StrongPity" malware infects Windows users through legitimate installers

To be able to gather victims, the attackers have built special fake
websites that supposedly host the two programs.

They are not legitimate installers. They are fake installers from fake
websites. The subject line was a slimy shill.

As are many cross-posts between "opposing" newsgroups.

--
Hooooo hahhhhhhh

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2016-10-12 4:10 AM, Broom wrote:
On 11 Oct 2016, Silver Slimer wrote:

Subject: "StrongPity" malware infects Windows users through
legitimate installers

To be able to gather victims, the attackers have built special
fake websites that supposedly host the two programs.


They are not legitimate installers. They are fake installers from
fake websites. The subject line was a slimy shill.

I only copied the title the article itself had used; it wasn't my opinio
n.

Silver Slimer wrote:

Broom wrote:

They are not legitimate installers. They are fake installers from
fake websites. The subject line was a slimy shill.

I only copied the title the article itself had used; it wasn't my
opinion.

Actually the original page now says "illegitimate"

https://www.neowin.net/news/strongpity-malware-infects-users-through-legitimate-winrar-and-truecrypt-installers

the fact that "legitimate" occurs as a necessary part of the URL,
suggests that it was a later correction ...