
This deadly virus is planted on South Korea’s workstation’s system


Last Updated on 18/02/2022 by Nidhi Khandelwal

Since at least May 2021, a botnet known as PseudoManuscrypt has been targeting Windows workstations in South Korea, using the same delivery methods as another virus known as CryptBot.


In a study released today, South Korean cybersecurity firm AhnLab Security Emergency Response Center (ASEC) stated, “PseudoManuscrypt is disguised as an installer that is identical to a type of CryptBot and is being spread.”

“Not only is its file form identical to CryptBot,” it said, “but it is also delivered via malicious sites shown on the top search page when consumers seek for commercial software-related unlawful tools like Crack and Keygen.”

PseudoManuscrypt was originally discovered in December 2021, when Russian cybersecurity firm Kaspersky revealed details of a “mass-scale spyware assault campaign” that infected over 35,000 PCs in 195 countries around the world.

PseudoManuscrypt attacks, which were first discovered in June 2021, have targeted a large number of industrial and government institutions in Russia, India, and Brazil, among others, including military-industrial complex firms and research centers.


The main payload module has a wide range of surveillance capabilities, giving the attackers practically complete control over the compromised PC. These include stealing VPN connection information, recording audio with the microphone, and capturing clipboard contents and operating system event log data.

Furthermore, PseudoManuscrypt may connect to a remote command-and-control server controlled by the attacker to perform malicious tasks like downloading files, executing arbitrary instructions, logging keystrokes, and capturing screenshots and videos of the screen.

Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.