According to the company it is currently being distributed via ads displayed in search results when an internet user searches for links to cracked versions of popular software.

It is designed to steal passwords, deliver other forms of malware, and install cryptocurrency miners. This means that if it winds up on your system it can cause all manner of problems for you.

Most malware we see today is delivered via phishing attacks or by exploiting unpatched software. MosaicLoader's method of delivery makes it markedly different and thus noteworthy.

Bogdan Botezatu of BitDefender had this to say about the recent discovery:

"Most likely, attackers are purchasing adverts with downstream ad networks - small ad networks that funnel ad traffic to larger and larger providers. They usually do this over the weekend when manual ad vetting is impacted by the limited staff on call."

Most up to date antivirus software would spot and prevent the installation of MosaicLoader. Unfortunately many people who are looking for cracked versions of popular software turn their antivirus software off. Hackers around the world are well aware of this and are seeking to take advantage.

Bogdan Botezatu continues:

" From what we can tell, this new MosaicLoader attempts to infect as many devices as possible, likely to build up market share and then sell access to infected computers to other threat actors. We advise users to never turn off their security solution when it blocks the installation of software downloaded from the internet, as attackers have become adept at bundling legitimate apps with malware."

It's good advice. Make sure all of your employees are aware and on their guard. That's not a perfect solution but it is a very good start.

Used with permission from Article Aggregator