Advice Request What would happen if a legimate program, OS, or game somehow had a virus or malware installed on it from the official source?

Please provide comments and solutions that are helpful to the author of this topic.

struppigel

Super Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
667
How would you know or prevent it before you use it ?

Hello. There is no way to 100% prevent this from happening. There were several instances like that in the past. E.g., a trusted open-source developer got a virus infection on their system (an actual virus that infects other executables). That virus infected the developer's release file which was then deployed for everyone as a new version of their program.

Other variants of include deliberate but hidden modifications of source code after the attackers gained access to the developer's systems. These are especially difficult to prevent for the user downloading their software since this is not a known malware and rather hard to detect it as such.

However, these cases are relatively rare. The reason they make the news is that they are not a common thing to happen. You cannot prevent it very well, but you actually also don't need to do something else than your general security measures to prevent infections.
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
The mechanism is in a way sort of cool as the ransomware is digitally signed (by PB03 TRANSPORT, now revoked), runs a script (certutil pops up again within it, of course) that kinda-sorta disables Defender while at the same time dropping a legitimate Defender Antimalware Application (msmpeng.exe) as well as the malicious mpsvc.dll (knowing that Defender isn't all that swift with regard to side loading attacks).

Although the blame for Kaseya will be placed on the hackers, the real blame lies with those that utilize sub-optimal malware defenses.And not that anyone asked, but CF laughs at this one prior to malware eradication.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top