A new hack is currently targeting Microsoft Office and Adobe Photoshop (PSD) cracks. Security experts explained that this new malicious exploit is taking advantage of the security flaws found in the systems of Microsoft Office and PSD.
Various researchers also warned that the new hack could become more rampant as time goes by since cracks, the small programs that allow people to use commercial applications and software without paying for their licenses, are currently popular among various companies and businesses.
However, since these cracks are illegal, most of them contain viruses and security flaws that pose risks, leading to device or account breaches. Bitdefender, a cybersecurity firm, first discovered the new hack that focuses on the cracks for Photoshop CC and Microsoft Office.
The security experts explained that consumers interested in these cracks face legal implications. Aside from these, they could also be exposed to the new hack. This means that they are risking ceding full control over their devices to hackers and cybercriminals.
Bitdefender explained that it spotted the new hack in which the crack deploys the ncat.exe malware on the device, together with the TOR proxy. The security firm explained that Netcat can be installed on the device under these files:
On the other hand, the malicious attack's TOR proxy is installed under the file %syswow64%\tarsrv.exe. Aside from these, the security researchers involved in the new study also spotted the %syswow64%\chknap.bat batch file for nap.exe, as well as %syswow64%\nddcf.cmd for ndc.exe, holding the command line for the Ncat component. After that, this component will move through ports 8000-9000 on the .onion domain.
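The indicators named above can be turned into a triage check over process-creation records. This is an added example, not Bitdefender's code; the event format (image path plus command line), the sample events and the placeholder .onion host are constructed assumptions.

```python
import re
from ntpath import basename, dirname

# File names the article lists under %syswow64% (binaries and their launcher scripts).
IOC_BINARIES = {"tarsrv.exe", "nap.exe", "ndc.exe"}
IOC_SCRIPTS = {"chknap.bat", "nddcf.cmd"}
# "<host>.onion <port>" or "<host>.onion:<port>" anywhere in a command line.
ONION_TARGET = re.compile(r"[\w-]+\.onion[:\s]+(\d{1,5})\b", re.IGNORECASE)

def match_indicators(image, cmdline):
    """Return the reasons one process-creation event matches the article's indicators."""
    reasons = []
    name = basename(image).lower()
    # Binary names only count when the image really lives in SysWOW64.
    if dirname(image).lower().endswith("\\syswow64") and name in IOC_BINARIES:
        reasons.append("binary:" + name)
    lowered = cmdline.lower()
    for script in sorted(IOC_SCRIPTS):
        if "\\syswow64\\" + script in lowered:
            reasons.append("script:" + script)
    # The article reports the Ncat component moving through ports 8000-9000.
    hit = ONION_TARGET.search(cmdline)
    if hit and 8000 <= int(hit.group(1)) <= 9000:
        reasons.append("onion-port:" + hit.group(1))
    return reasons

# Constructed sample events (image path, command line); not taken from a real host.
SAMPLE_EVENTS = [
    (r"C:\Windows\SysWOW64\cmd.exe", r"cmd.exe /c C:\Windows\SysWOW64\chknap.bat"),
    (r"C:\Windows\SysWOW64\nap.exe", r"nap.exe placeholderhost.onion 8042"),
    (r"C:\Windows\SysWOW64\tarsrv.exe", r"tarsrv.exe"),
    (r"C:\Windows\SysWOW64\cmd.exe", r"cmd.exe /c dir"),
    (r"C:\Tools\ncat.exe", r"ncat.exe 192.0.2.10 8080"),
]

def triage(events):
    """Return (image, reasons) for every event with at least one match."""
    results = []
    for image, cmdline in events:
        reasons = match_indicators(image, cmdline)
        if reasons:
            results.append((image, reasons))
    return results

if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_EVENTS):
        print(image, "->", ", ".join(reasons))
```

File names alone are weak signals, so a match is a prompt to inspect the host, not a verdict.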
How serious is the new hack
Security experts explained that the new malicious attack could result in a powerful backdoor that uses the TOR network to communicate with its command and control server. Once the attack is established, the online scheme can do all kinds of nasty things within your computer's system. These include file exfiltration, Firefox profile data theft, as well as firewall disabling.
After the new malicious attack steals the Firefox cookies, Bitdefender explained that it will allow the hackers to load them onto a different device to completely bypass passwords from various online services and even breach the two-factor authentication security feature.
Aside from these, the involved researchers also explained that the new malicious attack can also access the Monero cryptocurrency wallet and steal any tokens it finds there. This, most likely, works for other cryptocurrency wallets as well, given that the list of actions is non-exhaustive.
They added that the hackers can completely control their victims' systems using the new malicious attack and can adapt campaigns based on their current interests. Experts confirmed that the new malware is found in India, the United States, Greece, France, Canada, the United Kingdom, and Spain.
Aside from these, the new malicious attack also victimizes users in Latin America, Europe, and Australia. At the moment, the security researchers have not confirmed the total number of affected users. But they advise the public to avoid installing Microsoft Office and Adobe Photoshop cracks for the time being.