According to security company AhnLab, a new malware campaign is being deployed by hackers, aimed at people who want to use “piracy” Windows 10, this malware will spread remote access trojans and their computers, namely: BitRAT.
AhnLab’s investigation shows that this malware campaign is focused on South Korea, or originated here. However, once these files appear on the web, they spread very quickly and users in all countries are likely to become victims.
Malware that mimics Windows 10 Pro license triggers. Windows is always on the list of software most targeted by hackers because of its popularity and there are quite a few people who use Microsoft’s operating system unofficially, making it a lucrative bait for bad guys. .
You can see in detail how AhnLab studies malware activity here. In short, users illegally activate Windows 10 Pro from a malware tool called “W10DigitalActivation.exe”, which has a simple interface with a button to “Activate Windows 10. “
However, instead of activating the Windows license, the tool will download malware and hard-coded commands operated by hackers. Then the system will be completely compromised. BitRAT has the ability to record keystrokes, access to webcams and microphones, can bind browser-recorded logins, and more. After completing the malware installation, the downloader will remove itself from the system, leaving only BitRAT.
According to experts, even if legal issues are ignored, using pirated software is always a dangerous gamble. The more tools used to activate unauthorized software, the higher the chance of getting infected with malware.
Reference: Windows Central