Computers around the world are currently being attacked by Fake Telegram messenger apps that inject malware into the system bypassing installed antivirus software, according to a report by Minerva Labs.
Also Read:?Android Malware 'Rogue' Can Give Hackers Full Access Of Your Phone And Is Actively Spreading
Fake installers of the Telegram messaging app are being distributed online that injects Windows-based ¡®Purple Fox¡¯ backdoor on compromised systems.?
According to researcher Natalie Zaragov, they've come across a large number of malicious installers delivering the same ¡®Purple Fox¡¯ rootkit version using the same kind of attack chain. The file has been distributed via email, or from phishing websites.?
Zaragov explains, "The beauty of this attack is that every stage is separated to a different file which is useless without the entire file set. This helps the attacker protect his files from AV (anti-virus) detection."
During the investigation, researchers saw the infected file was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which possessed low detection rates by antivirus software and the final stage progressing to Purple Fox rootkit infection.?
The aforementioned rootkit isn¡¯t new, it came into existence in 2018 that allowed the malware to be deployed well beyond the grasp of antivirus software. The rootkit nature of Purple Fox allows it to carry out its objectives in a stealthy manner. According to Zaragov they often use infected versions of legitimate software to spread the infection.
Also Read:?Joker Virus Is Attacking Android Phones Again, Delete These Infected Apps
Zaragov added, "This time, however, is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection.¡±
To be safe from Purple Fox, only download Telegram from the messenger¡¯s official website instead of third-party downloads websites.?
Keep reading Indiatimes.com for science and technology stories.