According to ESET, there is a rise in malware campaigns targeting Chinese in Southeast and East Asia, threatening user’s cyber security. The campaign utilises misleading ads on Google, leading users to either install a “trojanized” installer or land on websites that provide legitimate software services but deliver FatalRat, a remote access trojan that grants the attacker control of the victimised computer.
Popular software and platforms that have been affected include, but are not limited to:
- Electrum Bitcoin wallet
- Sogou Pinyin Method
- WPS Office
The attackers may also rely on typosquatting to lure victims to their websites, as many of the domain names they registered are confusingly similar to those of real websites. The following are a few examples:
|telegram.org||Telegraac (.) com / telegraem (.) org /|
|electrum.org||electrumx (.) org / electrum-bsv (.) org|
|youdao.com||youedao (.) com|
Step up your cyber security:
- Always pay attention to the web address you’re at and get out the moment you notice something is not right.
- Install a reputable anti-virus program. Anti-virus programmes help monitor your computer for suspicious activity and protect it from malicious software. Be sure to install one from a trusted source and keep it updated regularly.
- Use a secure two-stage authentication password: Two-factor authentication (2FA) is an additional layer of security that helps protect your account from unauthorised access. It requires two separate forms of authentication, such as a password and a one-time code sent to your mobile device, in order to log in to an account. This helps ensure that only the intended user is logging in and accessing the account, while keeping other unauthorised users out.
By following these steps, you can make sure that your keep your cyber security tighten and protected from malicious attacks. Keeping your computer secure is essential to protecting yourself and your data, so it is important that you take the necessary steps to ensure your security.