Brazil is the biggest victim of NullMixer, a virus that steals confidential data

Kaspersky researchers have discovered a new campaign spreading NullMixer, malware (a computer virus) that steals credentials, addresses, credit card information, cryptocurrencies, and even Facebook and Amazon accounts. About 10,000 Brazilians were attacked while trying to download software from third-party websites, a number that represents more than 20% of the 47,000 detections worldwide. To give an idea of the size of the difference, Brazil suffered 2.5 times more attacks with this malware than India, which came second.


NullMixer is often distributed by cybercriminals through websites that offer pirated software and activators for illegally downloaded software. In most cases, users of such downloads already receive some adware or other unwanted software, since these tools are used to bypass the piracy protection of the original platforms.

However, NullMixer is much more dangerous, as it can download Trojans in bulk and cause large-scale infections on devices. These include spyware, banking trojans and other such threats.

Kaspersky also points out that with this virus, everything the user types on the keyboard becomes available to fraudsters: from messages sent to friends on social networks to logins and passwords for devices or cryptocurrency accounts.

How the attack occurs

Kaspersky explains how the infection works:

  • When trying to download cracked software from one of these websites, the victim is redirected to a page containing a password-protected program and detailed instructions.
  • Everything looks normal, as if the person is actually about to download the software. However, by following the instructions, the person runs NullMixer, which drops various malware files onto the infected machine, including spyware, backdoors, banking trojans, and other threats.
  • When trying to install the desired software, the consumer also receives detailed download instructions.

Among the threats spread by NullMixer is RedLine, which, like the Disbuk malware (also known as Socelar), steals credit card and cryptocurrency data from infected computers. By stealing Facebook and Amazon cookies with Disbuk, fraudsters can gain access to victims’ accounts and use their credentials, address and even payment information.

Cybercriminals also use professional SEO tools to stay in the top search engine results. This makes it easier to find malicious websites using search terms such as “cracks” and “keygens”, increasing the scope of fraud.

How to protect yourself from NullMixer

Kaspersky reminds users that every download from an unreliable source is a gamble. The user can never know whether the file is the expected software or comes bundled with malware, and the company recommends keeping this in mind.

The company therefore advises users to:

  • Use only trusted sources to download software. Malware and unwanted Trojans are often distributed through third-party resources, where security is not checked in the same way as official web stores. Keep this in mind when you decide to download from an unknown website, as this threat can always be avoided by using only licensed products.
  • Check your online accounts regularly for unknown transactions. Even with careful Internet browsing, downloaded spyware can steal data while accessing secure websites. Spyware works like a video camera, giving the other person a view of every action taken on the infected computer. Usually the owner is unaware that the malware is on the computer and continues to add personal information to secure banking sites.
  • Use a robust security solution. Antivirus products already available on the market can help the user avoid being tracked on the Internet and protect them from threats.
