Security News > 2020 > September > Windows backdoor masquerading as VPN app installer
Windows users looking to install a VPN app are in danger of downloading one that's been bundled with a backdoor, Trend Micro researchers warn.
The trojanized installer is offered on third-party download sites and users who download and run it are unlikely to notice that something is wrong with it.
"The bundled application drops three components to the user's system: the legitimate VPN installer, the malicious file that contains the backdoor, and the application that serves as the runner of the malicious file. The user sees an installation window on their screen, which possibly masks the malicious activity that occurs in the background," the researchers explained.
Users who don't stick to official download centers and app stores are at greater danger of downloading malware, although attackers have been known to bypass app stores' protections and compromise official developer sites to deliver malware.
"Enterprises and individual users alike employ VPNs to bolster their system's protection. However, inadvertently downloading an installer bundled with malicious files does the exact opposite of this as it exposes systems to threats," the researchers concluded.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/_LXlFsfzOuE/