According to Kaspersky researchers, a bizarre malicious campaign used a phishing copy of a popular VPN service’s website to spread the AZORult Trojan stealer under cover of Windows installers. The unprecedented campaign abused the ProtonVPN service and dropped the malware through the Windows installers.
How Did AZORult Abuse ProtonVPN?
The infamous campaign began at the end of November 2019 (and is currently active), when the attackers registered the domain protonvpn[.]store (similar to ProtonVPN). When users visited the duplicated copy of the website and downloaded the installer, a copy of the AZORult virus was implanted on their system.
The malware’s developers designed it to steal personal information and digital currency from the hot wallets of infected users, as well as FTP logins and passwords from FileZilla, Pidgin messenger and others. The recent campaign reflects cybercriminals’ ever-increasing hunt for cryptocurrency.
AZORult As The Constant Crypto Stealer
AZORult, with its wide range of capabilities, has a history of malware attacks. In 2019, around 40,000 users in the Middle East were targeted. In a suspicious cyber world where privacy is the primary concern of enthusiasts, VPN services play a significant role because they enable safe internet browsing through additional data protection. The cybercriminals took advantage of this blind trust in VPNs to drop the malware.
Thus, cybersecurity is essential to the future global adoption of cryptocurrency. Cybercriminals often take advantage of inattentive users and popular brands to steal currency. Investors should therefore make the extra effort to store their keys in a cold wallet. One must also not forget to cross-check the “authenticity” of the source.
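One way to cross-check a download source against the kind of look-alike domain used in this campaign is sketched below. It is an added example, not code from Kaspersky or ProtonVPN. It assumes protonvpn.com is the vendor's official domain (the article does not state it), and the function names and other sample hosts are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the vendor's real domain; it is not stated in the article.
OFFICIAL_DOMAINS = {"protonvpn.com"}


def refang(text: str) -> str:
    """Undo common defanging such as 'protonvpn[.] store' or 'hxxps://'."""
    text = re.sub(r"\[\.\]\s*", ".", text.strip())
    return re.sub(r"^hxxp", "http", text, flags=re.IGNORECASE)


def host_of(url: str) -> str:
    """Extract the lower-cased host name from a URL or a bare host string."""
    url = refang(url)
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare host as the netloc
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typos of the brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str, official=OFFICIAL_DOMAINS) -> str:
    """Return 'official', 'lookalike' or 'unrelated' for a download URL."""
    host = host_of(url)
    # Official only if the host is the real domain or one of its subdomains.
    if any(host == d or host.endswith("." + d) for d in official):
        return "official"
    brands = {d.split(".")[0] for d in official}  # e.g. 'protonvpn'
    for label in host.split("."):
        squeezed = label.replace("-", "")  # 'proton-vpn' -> 'protonvpn'
        for brand in brands:
            # Brand reused under another TLD, embedded in a label, or typoed.
            if brand in squeezed or edit_distance(squeezed, brand) <= 1:
                return "lookalike"
    return "unrelated"
```

A "lookalike" verdict means the brand name appears in a host that is not on the official list, which is exactly the pattern of protonvpn[.]store; it is a prompt to stop and verify, not proof that the site is malicious.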
“Technology is a double-edged sword”: technology created the blockchain, and it can destroy it too if proper cybersecurity is not ensured. Though several authorities across the world are implementing stricter regulations for exchanges, there is a need for sophisticated developers who can assure a malware-free network.