Cyber criminals are distributing a powerful form of trojan malware to victims by disguising it as a launcher for one of the world's most popular video games.
LokiBot first emerged in 2015 and remains very popular among cyber criminals as a means of creating a backdoor into infected Windows systems. It steals sensitive information from victims -- including usernames, passwords, bank details and the contents of cryptocurrency wallets -- via the use of a keylogger that monitors browser and desktop activity.
Now a new LokiBot campaign is attempting to infect users by impersonating the launcher for Epic Games, the developer behind highly popular online multiplayer video game Fortnite.
This newly uncovered LokiBot campaign has been discovered and detailed by cyber security researchers at Trend Micro, who note that it uses an unusual installation routine to help avoid detection by antivirus software.
Researchers told ZDNet that they believe the fake downloader is distributed via spam phishing emails sent out in bulk to potential targets, as this is historically the most common way for LokiBot attacks to begin.
Downloading and running the false Epic Games launcher, which uses the company logo to look legitimate, will initiate the infection process. This begins with the malware dropping two separate files -- a C# source code file and a .NET executable -- into the app data directory of the machine. [.....]