
Check Point Exposes Hacker Selling Malware Disguised as Legitimate Tools (Remcos and GuLoader Malware)

Check Point Research has identified the individual responsible for the Remcos and GuLoader malware, which targeted the EMEA and APAC regions. This hacker distributed malware by exploiting seemingly legitimate software.

They were linked to websites called BreakingSecurity and VgoStore, where they openly sold Remcos and GuLoader, rebranded as TheProtect. Even though these tools were advertised as legitimate, they are commonly used in cyberattacks and are among the most prevalent malware.

This discovery highlights the concerning trend of cybercriminals using seemingly lawful software for malicious purposes. Remcos and GuLoader are particularly troublesome, as they are adept at evading detection.

In Check Point’s Most Wanted malware report for July 2023, Remcos climbed the ranks due to trojanized installers, landing in third place. Remcos, a Remote Access Trojan (RAT), has been observed in various campaigns, including one involving the Fruity malware downloader.

This campaign aimed to lure victims into downloading the Fruity downloader, which then installed different RATs like Remcos to steal sensitive information and conduct malicious activities on the victim’s computer.

GuLoader and Remcos have been impacting the Finance and Education sectors in 2023. GuLoader affected an average of 2.4% of organizations globally in the Finance sector, while Remcos impacted 2.8% of organizations globally in the Education sector.

The investigation by Check Point Research revealed that those selling Remcos and GuLoader were well aware that cybercriminals were using their software. This underscores the serious threat posed by dual-use software and emphasizes the need for heightened vigilance in the cybersecurity landscape.

Check Point Research has shared its findings with relevant law enforcement agencies for further investigation. Customers of Check Point Threat Emulation are protected against GuLoader and Remcos attacks, as Threat Emulation covers a wide range of attack tactics and threats. It safeguards against the types of attacks described in this report, contributing to a safer digital environment.

You can find more information about it on Check Point Research’s blog.

About Author
editorialteam