A new breed of malicious tool called RAUM invaded both Mac and PC. Security group InfoArmor said that several unsuspecting victims fell when RAUM disseminated three other malicious tools like CryptXXX, Pony and Dridex Trojans.
Getting infected with either of the trio is a nightmarish experience for computer users. CryptXXX bars computer apps and important data unless the victim pays ransom to regain access. On the other hand, Dridex is notorious for stealing financial credentials like banking and online money accounts. Then spyware Pony targets passwords and similar data.
According to PC World, RAUM has immersed itself in popular pirated apps downloadable via torrent. RAUM is maximizing the impact by sandwiching in torrents that have high number of peers. They also track popular uploaders and hijacks their accounts so they can infect from the source. The modus is not easy to kill either because it can infect as long as 2 months without the user detecting it.
Now to add up to the mayhem, RAUM is selling their tool through invitation-only black market. InfoArmor said that it is tough to gain access in this black market because stringent verification system is in place to check the background of buyers. With these predicaments at hand, the only solution InfoArmor has is avoidance of pirated PC games, software and operating systems.
InfoArmor said that they traced RAUM from a known EURO-based organized blackhats group. Then they verified the information through underground web hangout that hackers are frequenting.
Meanwhile, Tech Worm reported that InfoArmor head Andrew Komarov said RAUM analyzes trending torrents then repacks the final version with malwares. Komarov identifies PirateBay, TorrentHound and Extra Torrent as most victimized sites.
RAUM went as far as taking advantage of weak accounts and uses botnet logs to seed using known uploaders without getting traced. InfoArmor was able to analyze at least 1.7 million records infecting social media, corporate data and other online accounts at mind-boggling pace.