Security News > 2022 > February > Several Malware Families Using Pay-Per-Install Service to Expand Their Targets

Several Malware Families Using Pay-Per-Install Service to Expand Their Targets
2022-02-08 04:42

A detailed examination of a Pay-per-install malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021.

Loaders are malicious programs used for loading additional executables onto the infected machine.

With PPI malware services such as PrivateLoader, malware operators pay the service owners to get their payloads "Installed" based on the targets provided.

"The accessibility and moderate costs allow malware operators to leverage these services as another weapon for rapid, bulk and geo-targeted malware infections," cybersecurity firm Intel 471 said in a new report shared with The Hacker News.

The administrative panel used by the PPI service offers a wealth of functions, including adding new users, configuring a link to the payload to be installed, modifying geolocation targeting based on the campaign, and even encrypting the load file.

"PPI services have been a pillar of cybercrime for decades," the researchers said.


News URL

https://thehackernews.com/2022/02/several-malware-families-using-pay-per.html