HotRat Trojan actively spreads through pirated software and games
Popular programs from Adobe, Microsoft and other publishers are used as bait for freebie lovers.
Despite the obvious risks, many people continue to be tempted by the prospect of getting popular high-quality software from A-brands absolutely free. This usually results in people downloading illegal copies of desired programs, thereby exposing themselves to the risk of malware infection.
As a recent Avast study shows, “cracked” versions of software often contain hidden scripts that install various types of malware on the victim’s computer.
Researchers looked at a specific malicious campaign targeting Windows users, in which hacked software is distributed through various torrent trackers and other suspicious websites.
The bait was mainly popular programs from Adobe (Photoshop, Illustrator, Master Collection) and Microsoft (Office and Windows images), as well as small programs for performing narrow tasks (IObit Driver Booster, Revo Uninstaller Pro, etc.).
Gamers have also been hit: attackers distribute infected copies of popular video games such as Battlefield 3, Age of Empires IV, Red Alert 2 and Sims 4 in exactly the same way.
When downloading the bait, the victim gets what they originally wanted, but the installer also contains an AutoHotkey script that launches a variant of the AsyncRAT malware. Avast researchers named this variant HotRat.
The first step in the installation process is to obtain administrator rights. Since installers of almost any software very often request elevated privileges, the victim does not find anything suspicious in this and grants the necessary access. Then, during the malware installation process, system protection is weakened by disabling the antivirus and requesting UAC permissions.
HotRat Deployment and Activation
Once fully deployed and active, HotRat provides attackers with a wide range of opportunities, from stealing logins and passwords to unauthorized screen recording, keylogging, access to the clipboard, and installing additional malware that can expand its already considerable capabilities.
Avast’s research highlights the importance of being cautious about downloading unlicensed software, and also demonstrates the very real risks, including system infection and confidential data leakage.
Experts recommend using only legal sources to obtain software to keep yourself and your devices safe. It is also important to keep system protection mechanisms, such as antivirus, up to date.