Security News > 2022 > September > Fake sites fool Zoom users into downloading deadly code

Beware the Zoom site you don't recognize, as a criminal gang is creating multiple fake versions aimed at luring users to download malware that can steal banking data, IP addresses, and other information.

Threat researchers at cybersecurity firm Cyble found six fake Zoom sites offering applications that, if clicked on, will download the Vidar Stealer malware, which also grabs lots of other goodies.

The fake Zoom sites are part of a wider info-stealing effort, according to the Cyble Research and Intelligence Lab.

"Stealer Logs can provide access to compromised endpoints, which are sold on cybercrime marketplaces. We have seen multiple breaches where stealer logs have provided the necessary initial access to the victim's network."

The Cyble researchers said they first heard about the fake Zoom sites earlier this month from a tweet they saw during a routine threat hunting exercise.

The security biz outlined steps enterprises and users can take to avoid such malware, including not downloading pirated software, using strong passwords and multi-factor authentication, ensuring automatic updates of systems, and training employees not to open untrusted links.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/09/22/zoom_malware_infosteal_cyble/