Cybercriminals are getting sneakier by the day, and their latest trick is one that could catch even the most careful among us off guard.

For those who want to protect their personal computers from any threats, anti-viruses are often a go-to solution.

However, you should take heed before downloading one for your gadgets.

Researchers at DomainTools Intelligence (DTI) uncovered a worrying scam targeting personal computers.

Scammers have set up fake websites that look just like the official download pages for popular anti-virus programs.

One of these fake websites has copied one of the most famous anti-virus programs, Bitdefender.

BitDefender is one of the top antivirus programs available online. Image Credit: BitDefender

The fraudulent site, bitdefender-download[.]com, is a near-perfect copy of the official website.

The fake website was designed to lure unsuspecting users into downloading a seemingly legitimate anti-virus program.

Yet, instead of keeping computers safe, downloading the fake anti-virus program could set off a chain reaction that could put your personal and financial information at risk.

According to the research findings, users will be led to a Bitbucket URL upon download.

This then redirects users to an Amazon S3 storage link.

From there, a ZIP file is downloaded to the computer.

Inside that ZIP file is a program called StoreInstaller.exe.

What's really inside the file is a malware called VenomRAT (Remote Access Trojan).

Malicious tools like StormKitty stealer and a code from the SilentTrinity hacking framework were also found among the files.

Once installed, this malware could steal a user's passwords, observe keystrokes, swipe cryptocurrency wallets, and give hackers remote control over your computer.

In some cases, the criminals could sell access to the computer system to other scammers, putting users at further risk.

The DTI researchers found that the same attacker was controlling several samples of Venom RAT.

Even more concerning was that the infrastructure behind the fake Bitdefender site overlapped with other phishing campaigns targeting banks and IT services.

Several of these phishing websites imitated login pages for Microsoft and the Royal Bank of Canada.

What does this mean for Aussies, especially seniors dependent on their gadgets for daily use?

Cybercriminals are getting more sophisticated as they have learned to build their malware.

This approach has made their attacks more challenging to spot.

While security experts can detect these threats quickly, the real victims are regular internet users who just want to keep their computers safe.

How can you protect yourself?

• Always download software from official websites. If you're looking for anti-virus protection, go directly to the company's official site.
• Check the website address carefully. Look for slight differences in the URL (like an extra dash or a misspelt word) that could indicate a fake site.
• Keep your operating system and software up to date. Updates often include security patches that help protect against the latest threats.
• Use a reputable security solution. The best way to avoid fake anti-virus software is to have real, trusted anti-virus protection installed on your computer.
• Be wary of unexpected downloads. If a website tries to download a file automatically, or if you're prompted to install something you did not ask for, close the page immediately.
• Enable two-factor authentication on your important accounts, especially for banking and email.

If you may have accidentally downloaded something suspicious, immediately disconnect your device from the internet.

Run a full scan with your anti-virus software, and consider seeking help from a trusted IT professional.

Key Takeaways

• Cyber criminals are targeting Australians with a fake anti-virus website pretending to be Bitdefender.
• The attackers have been using a convincing download page that delivers a ZIP file containing multiple malicious programs, including the VenomRAT.
• This malware could steal passwords, access crypto wallets, and provide remote control over victims' computers for immediate theft or resale.
• Researchers warned that attackers are now using open-source 'build-your-own-malware' toolkits, making these scams more adaptable and dangerous for everyday internet users.

Have you ever come across a suspicious website or received a dodgy link? What steps do you take to keep your computer safe? Share your experiences and tips in the comments below.

 

[7777]

Cyber criminal activity is now becoming a daily announcement, almost as daily as our daily weather report.
We are warned everyday and advised on how to take care, and protect ourselves, like those warning reports that are made about bad weather cyclones.
Cyber criminal activity is here to stay, and has become a part of our daily lives.
The big A.I. , and manufactures, who have created the technology, for us to to store our private information, and hard earned money, have failed to keep us safe.
We are forced now to live in a cashless society, but no one knows how to stop the cyber theives from helping themselves to our bank accounts.
If we remain as a society who use cash, we can safeguard our money, and put cybercriminals out of business, as well as not allow the government to know what or how we spend our money. But on the other hand, if we become a cashless society, cybercriminals will be fully employed and become super wealthy with our stollen cash, and the government will happily play the roll of big brother, scanning every cent that is in our accounts, every item that we purchase, from who, and the number of times our purchases are made.
We will become a society without freedom, without financial safety and become known as a number almost robotic like, here to do and obey as the government orders us to do.
This kind of life style is very confronting and quite frightening for the older generation. But without any other choice, the younger generation will accept this new way of life, that is here to stay, that being under the scanner of the government 24/7, and always and forever, being on guard from cybercriminals, as a normal way of life.

 

[Squizzy1]

Cyber criminal activity is now becoming a daily announcement, almost as daily as our daily weather report.
We are warned everyday and advised on how to take care, and protect ourselves, like those warning reports that are made about bad weather cyclones.
Cyber criminal activity is here to stay, and has become a part of our daily lives.
The big A.I. , and manufactures, who have created the technology, for us to to store our private information, and hard earned money, have failed to keep us safe.
We are forced now to live in a cashless society, but no one knows how to stop the cyber theives from helping themselves to our bank accounts.
If we remain as a society who use cash, we can safeguard our money, and put cybercriminals out of business, as well as not allow the government to know what or how we spend our money. But on the other hand, if we become a cashless society, cybercriminals will be fully employed and become super wealthy with our stollen cash, and the government will happily play the roll of big brother, scanning every cent that is in our accounts, every item that we purchase, from who, and the number of times our purchases are made.
We will become a society without freedom, without financial safety and become known as a number almost robotic like, here to do and obey as the government orders us to do.
This kind of life style is very confronting and quite frightening for the older generation. But without any other choice, the younger generation will accept this new way of life, that is here to stay, that being under the scanner of the government 24/7, and always and forever, being on guard from cybercriminals, as a normal way of life.

I understand why Govts want to know what we are doing, but why does the Financial sector continue to promote a flawed system such as this? Is it because they make so much from money laundering, or because they are lazy?

 

[Luckyus]

I never store passwords on online

 

[Zemo]

I never store passwords on online

Neither do I, but can't the crims track them down using keyloggers?

 

[Radiant]

I keep getting messages telling me I need to free up more space and from people trying to sell me more space. I delete these offers immediately but I’m not sure whether this is a genuine need for me to access more. ??