What Is StrongPity?
So now we have a new type of malware in the computer world. StrongPity a new kind of malware is revealed by the security firm Kaspersky Lab. Kaspersky revealed this malware on Monday. The major working principle of this malware is that it targets the web surfers. Especially those who are looking for specific tools like WinRAR and TrueCrypt. As you all know WinRaR is a popular file compression software. About TrueCrypt it the quick file encryption tool. The malware StrongPity has it own platform specific installers for both tools. After a single installation, it will provide full access to the attacker of the victim’s system.
StrongPity In Picture:
As per information provided by the Kaspersky lab, the StrongPity belongs to Italy and Belgium, but the malware also affected the people living in Turkey, North Africa, and the Middle East. For attacking WinRAR platform, the malware’s link is given on some fake websites. To act as an authenticate installer site these website uses two inverted letters in their domains. That’s how these duplicated WinRAR sites act as an official site and provide the fake link.
“Kaspersky Lab data reveals that in the course of a single week, malware delivered from the distributor site in Italy appeared on hundreds of systems throughout Europe and Northern Africa/Middle East, with many more infections likely,” stated the firm. “Over the entire summer, Italy (87 percent), Belgium (5 percent) and Algeria (4 percent) were most affected. The victim geography from the infected site in Belgium was similar, with users in Belgium accounting for half (54 percent) of more than 60 successful hits.”
First Appearance Of StrongPity
Kaspersky Lab first noticed the StrongPity activity on May 28 in Belgium. They also noticed the same the working of the same method in Italy too. After some research and investigation, the firm found the involvement of a fake WinRAR site giving the fake download links. However, the file was from all the infected systems were. But the bad news is StrongPity is still active on the web servers.
The most surprising fact about StrongPity is that at present is attacking through TrueCrypt installer. The most important reason for saying this fact a surprise for all is because its development ended in May 2014. As Microsoft pulled its hand back from Windows XP’s support the need of True was vanished. And then TrueCrypt was replaced BitLocker.
According to Kaspersky Lab, TrueCrypt installer is still active. However, on the web, there is only one fraud TrueCrypt website is present. From the records that websites make approximately 95% percent of victims in Turkey.
Statements From Kaspersky Lab:
A principal security researcher at Kaspersky Lab Kurt Baumgartner was the first person who informed about the StrongPity activity. He announced this during “the Virus Bulletin 2016 conference.”. Kurt resembles the StrongPity as a Yeti who is terrifying the IT software installers and give up on “genuine distribution sites.” Such attacks are “unwelcome and dangerous” that are needed to resolve by the security industry.
Attackers of StrongPity can fully access the victim’s system. They even can steal the hard drive’s data, download unnecessary modules. They can also fetch victim’s PC’s communications and contacts. At the end, Kaspersky Lab Software will check the detect and remove the StrongPity malware.
Read More At- https://goo.gl/rfDOY4