Security Alert Big Surprise: Chinese PUPs Deliver Backdoored Drivers


Solarquest

Moderator
Staff member
AV-Tester
Jul 22, 2014
1,925
15,559
#1
A driver secretly installed via PUP packages for Chinese software contains backdoors enabling a third party to load unsigned drivers or to execute code with higher privileges on a Windows machine.

The backdoor was discovered by Malwarebytes researchers as part of various bundled software packages pushed by at least two major PUP bundler networks.
The PUP installer drops a series of 7-Zip archives on each victim's computer. These archives contain the PUP application's resources, including 32- and 64-bit versions of a driver that is forcibly and silently installed on the user's computer without their knowledge.

Backdoor enables two possible actions

More info in the link above.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,631
#3
Scary.
There are many dangerous free programs offered on giveaway websites, as if everything is normal; they even come signed with a certificate, LOL.
There are even theories that some trusted programs already do it.
You can not trust anyone, but living with worries is bad for your health.

No one has to live that way anymore... just use default-deny\system lock-down instead of default-allow.
 

_CyberGhosT_

Level 52
Verified
Aug 2, 2015
4,177
27,272
Operating System
Linux Mint
Installed Antivirus
Default-Deny
#5
A driver secretly installed via PUP packages for Chinese software contains backdoors enabling a third party to load unsigned drivers or to execute code with higher privileges on a Windows machine.

The backdoor was discovered by Malwarebytes researchers as part of various bundled software packages pushed by at least two major PUP bundler networks.
The PUP installer drops a series of 7-Zip archives on each victim's computer. These archives contain the PUP application's resources, including 32- and 64-bit versions of a driver that is forcibly and silently installed on the user's computer without their knowledge.

Backdoor enables two possible actions

More info in the link above.
Not surprising in the least, and that's all I will say on this, seeing we have so many Chinese AV software fans here. :rolleyes:
Cool share, Solar :)