The latest study of cybercriminals’ use of imitated apps revealed that these malicious activities have increased over time. Because people trust many of the applications they use online every day, cybercriminals exploit that trust to carry out their plans.
One of the most commonly deployed tactics is imitating authentic applications to distribute malware. In most cases, the applications’ logos and icons are used to make the imitation more convincing to victims. This tactic also helps the hackers evade firewalls and other security solutions while they carry out attacks.
Some threat actors steal the signing certificates of authentic software and use them to sign malware. Researchers have identified more than a million malicious signed samples since 2021. According to Google, at least 13% of the samples it checked had no valid signature, while over 99% were Windows Portable Executable files or DLLs.
VirusTotal shared that about 10% of the top 1,000 Alexa domains have spread malware-infected samples.
People remain prone to being victimised by these imitated apps and cracked software because their operators use advanced social engineering tactics.
The study also disclosed that the top three most imitated apps in the online landscape are Adobe Acrobat, VLC media player, and Skype. Moreover, the four most abused social media platforms for distributing computer viruses are Facebook, Instagram, WhatsApp, and Apple’s iCloud.
VirusTotal also warned people to be cautious when downloading Adobe Acrobat, Skype, and 7-Zip from suspicious websites, since these three apps have the highest infection ratio detected.
Since 2020, over 1,800 imitated apps and software carrying dangerous malware have been spotted, including Mozilla Firefox, Google Chrome, Microsoft Edge, Zoom, Steam, WhatsApp, and Proton VPN. Meanwhile, some of the domains that hackers exploit include amazonaws.com, discordapp.com, and squarespace.com.
Experts believe these apps and software were imitated in cyberattacks because they are widely used and downloaded.