Tech News
Hackers Distribute FakeBat Loader Via Fake Software Installers

Researchers caution users about a new malicious campaign spreading the FakeBat loader. The threat actors behind this campaign trick users into downloading the malware by pretending to be various legitimate software. It is crucial for users to always download necessary software, tools, and apps from official sources only.
New Campaign Distributing FakeBat Loader Through Impersonation of Legitimate Software Installers
Cybersecurity experts at Mandiant have identified a fresh malware campaign distributing the FakeBat Loader. This malware, also known as NUMOZYLOD, EugenLoader, and PaykLoader, targets users through malvertising campaigns.
The threat actors in this campaign entice users to download the malware by imitating legitimate apps like Brave, Zoom, Notion, KeePass, and Steam. They distribute trojanized MSIX installers via fake websites that mimic legitimate software platforms.
Once downloaded, the trojanized installer installs the user’s desired app while executing malicious activities in the background to establish persistent access on the target device, acquire elevated privileges, and collect system information such as OS details, installed antivirus programs, and IP addresses (in some variants).
FakeBat operates on a malware-as-a-service model, enabling different threat actor groups to distribute malware using this loader. After infecting a device successfully, FakeBat downloads and runs the secondary payload, with variants distributing Carbanak and LummaStealer malware.
Attaining persistence marks the completion of FakeBat’s objective, as the attackers transfer control of the infected device to the respective malware group for further actions.
The researchers have shared detailed technical information about this malicious campaign on their blog.
Prevent Potential Malware Risks by Downloading Only from Official Sources
The primary reason behind the success of the FakeBat campaign lies in users’ lack of caution when downloading software. Users often overlook the legitimacy of websites before downloading tools, and the subtle differences between authentic and phishing sites can be challenging to detect.
Hence, the best way to protect against such threats is to download software and apps exclusively from official, reputable sources rather than opting for free or pirated versions.
Share your thoughts in the comments section.
-
Destination6 months ago
Singapore Airlines CEO set to join board of Air India, BA News, BA
-
Breaking News8 months ago
Croatia to reintroduce compulsory military draft as regional tensions soar
-
Tech News10 months ago
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Breaking News8 months ago
Bangladesh crisis: Refaat Ahmed sworn in as Bangladesh’s new chief justice
-
Gaming7 months ago
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Toys10 months ago
15 of the Best Trike & Tricycles Mums Recommend
-
Toys8 months ago
15 Best Magnetic Tile Race Tracks for Kids!
-
Guides & Tips8 months ago
Have Unlimited Korean Food at MANY Unlimited Topokki!