- Aug 30, 2012
- 6,598
Want a virus? Download some pirated software.
The Gatak Trojan is trying to lure victims by pinning itself on what would seem to be pirated software. It is mainly targeting the health care industry. The malware has been around for five years, but is seeing a resurgence by luring people with online ads offering pirated software keys that, if legit, would give someone the ability to download and use premium software at a discount.
The ads come from a key generator company that is offering pirated keys for such software as:
• SketchList3D (woodworking design software)
• Native Instruments Drumlab (sound engineering software)
• BobCAD-CAM (metalworking/manufacturing software)
• BarTender Enterprise Automation (label and barcode creation software)
• HDClone (hard disk cloning utility)
• Siemens SIMATIC STEP 7 (industrial automation software)
If the victim clicks on the ad, it sends the user to a key gen page where the Gatak trojan is delivered.
“The malware is bundled with the product key and, if the victim is tricked into downloading and opening one of these files, the malware is surreptitiously installed on their computer,” Symantec said.
Although the delivery method is known, the purpose is still questionable. It is thought that the trojan is used to skim off data which is sold on the dark web. That would explain why it is targeting the health care industry.
“Healthcare organizations can often be pressurized, under-resourced, and many use legacy software systems that are expensive to upgrade. Consequently, workers could be more likely to take shortcuts and install pirated software” the report said.
As usual, employees are to be cautioned about trying to download pirated software.
The Gatak Trojan is trying to lure victims by pinning itself on what would seem to be pirated software. It is mainly targeting the health care industry. The malware has been around for five years, but is seeing a resurgence by luring people with online ads offering pirated software keys that, if legit, would give someone the ability to download and use premium software at a discount.
The ads come from a key generator company that is offering pirated keys for such software as:
• SketchList3D (woodworking design software)
• Native Instruments Drumlab (sound engineering software)
• BobCAD-CAM (metalworking/manufacturing software)
• BarTender Enterprise Automation (label and barcode creation software)
• HDClone (hard disk cloning utility)
• Siemens SIMATIC STEP 7 (industrial automation software)
If the victim clicks on the ad, it sends the user to a key gen page where the Gatak trojan is delivered.
“The malware is bundled with the product key and, if the victim is tricked into downloading and opening one of these files, the malware is surreptitiously installed on their computer,” Symantec said.
Although the delivery method is known, the purpose is still questionable. It is thought that the trojan is used to skim off data which is sold on the dark web. That would explain why it is targeting the health care industry.
“Healthcare organizations can often be pressurized, under-resourced, and many use legacy software systems that are expensive to upgrade. Consequently, workers could be more likely to take shortcuts and install pirated software” the report said.
As usual, employees are to be cautioned about trying to download pirated software.
