Hacked Zoom installers taking over PCs — protect yourself now
Hacked Zoom installers taking over PCs — protect yourself now
Two more corrupted Zoom installers are out there waiting for people to download and run them, Trend Micro researchers reported today (May 21).
"These malicious fake installers do non come from Zoom'due south official installation distribution channels," researchers Raphael Centeno and Llallum Victoria said in a blog post. "One of the samples installs a backdoor that allows malicious actors to run malicious routines remotely, while the other sample involves the installation of the Devil Shadow botnet in devices."
- Zoom security problems: Everything that'southward gone incorrect (so far)
- Best video chat apps
- Only in: Amazon Prime 24-hour interval 2020 date revealed — it's after than we thought
The installers aren't quite "fake," every bit they practise indeed install Zoom on your PC. But they are noticeably larger in file size than the normal Zoom installer, cheers to the extra malware, and accept longer to run. You won't notice them at the official Zoom download folio.
To brand sure you're not infected by either of these pieces of malware, simply get Zoom software from the Zoom website. You should also exist running one of the best antivirus programs, which will observe both of the bad bugs.
In fact, you don't need to install Zoom software to join a Zoom meeting -- more information on that below.
Who's Zooming who?
The first of these ii corrupted installers terminates any existing remote-desktop software, then opens upwardly an obscure network port, steals the login credentials of the PC's legitimate user and allows its ain remote attackers to connect to the PC.
The second bad installer reaches out to a remote server controlled past attackers and sets upwards its malware component to run upon system startup. It'southward designed to hijack your webcam, take screenshots, log keystrokes and penetrate your firewall. It as well checks to meet what kind of antivirus software yous might have installed.
"Both pieces of malware tin can be used to infiltrate systems of high-value targets in enterprises or non-business industries to steal proprietary and confidential information," the Tendency Micro researchers wrote.
These aren't the starting time instances of Zoom installers being corrupted by malware. In early on April, the same Trend Micro researchers institute a cryptocurrency miner embedded in a working Zoom installer. At the end of April, Trend Micro found a remote-access Trojan, basically a PC hijacking kit, smuggled in some other Zoom installer programme.
How to use Zoom without Zoom software
Despite what Zoom would have yous believe, you can join a Zoom meeting without having to install anything. Any recently updated web browser volition practise.
When yous click on a Zoom coming together link, a browser page will pop upward request yous to install Zoom. Ignore that and try to click on the meeting link in the web folio a couple of more times.
Eventually, you'll come across a link in small-scale print inviting y'all to join the coming together through your browser. Click that and you'll be in, although you may need to create a Zoom business relationship.
Source: https://www.tomsguide.com/news/hacked-zoom-installers
Posted by: bornofue1955.blogspot.com
0 Response to "Hacked Zoom installers taking over PCs — protect yourself now"
Post a Comment