Author Topic: Pirated Software is All Fun and Games Until Your Data’s Stolen  (Read 177 times)

Offline javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35126
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Pirated Software is All Fun and Games Until Your Data’s Stolen
« on: February 03, 2020, 02:34:04 PM »
It may be tempting to try to download the latest games or applications for free, but doing so will ultimately land you in a hotbed of trouble as your computer becomes infected with adware, ransomware, and password-stealing Trojans.

Tools that allow you to crack, or bypass license restrictions, in copyrighted software have been around forever and users have always known that they face the risk of being infected with unwanted software by using them.

In the past, though, most of the unwanted programs that were installed were adware or browser extensions, and though definitely a nuisance, for the most part, they were not stealing your files or installing ransomware on your computer.

This has changed as software installer monetization companies have started to increasingly team up with ransomware and password-stealing Trojan developers to distribute their malware.

Passwords stolen through software cracks
BleepingComputer has been tracking adware bundles for a long time and in the past, they would install unwanted programs, but had no long-term ramifications to your data, privacy, or financial information.

Security researcher Benkøw has recently noticed that monetized installers pretending to be software cracks and key generators are now commonly installing password-stealing Trojans or remote access Trojans (RATs) when they are executed.



In his tests over the past week by downloading various programs promoted as game cheats, software key generators, and licensed software, when installing them he was infected with password-stealing Trojans and backdoors such as Dreambot, Glupteba, and Racoon Stealer.

In BleepingComputer's tests, we were infected with ShadowTechRAT, which would allow an attacker to gain full access to an infected computer.

It is not only RATs and password-stealing Trojans that users could be infected with.

One of the most prolific ransomware infections called STOP is known to be installed through these same adware bundles.

Distributed via torrent sites, YouTube, and fake crack sites
To distribute these adware bundles, attackers will upload them to torrent sites, create fake YouTube videos with links to alleged license key generators, or create sites designed to just promote adware bundles disguised as software cracks.

On torrent sites, you will commonly find that the same user has uploaded many different games, applications, and key generators that all have the same size.  For example, in the image below you can see a user named 'toneg374' had uploaded many torrents around the same time that all have the size of 25.33 MB.


Torrent site pushing copyrighted games

YouTube also has its fair share of scammers who create videos promoting a game cheat and then include a link to a file download. Like the torrent sites, these downloads are adware bundles that install malware.


YouTube pushing a key generator

When users download these files they think they are getting the latest game, application, or cheat for free, but when they install it they will be greeted with an installation screen that quickly disappears.


InstallCapital Adware Bundle screen

In the background, though, the malware had been installed and either executed to steal the victim's passwords or data or to sit running while performing malicious activity.


ShadowTechRAT installed in BleepingComputer's test

It's not worth it

While it may be tempting to download pirated software so that you do not have to pay for it, the risks far outweigh the reward.

Even if we put aside the fact that downloading copyrighted software is illegal, it is just not worth the potential risk of losing your data, online banking credentials being stolen, or data being stolen.

BleepingComputer gets emails, Twitter DMs, and Facebook messages every day from people who were infected by the STOP ransomware after pirating software.

These people have lost baby pictures, their thesis, or company data simply because they wanted to save $50. They now have to pay $1,000 or more to get their files back.

It is just not worth it.

source