Home > Cyber News > Bolik Trojan Spreads To Intended Targets Via Fake VPN Sites
CYBER NEWS

Bolik Trojan Spreads To Intended Targets Via Fake VPN Sites

by   |  Last Update:  |  0 Comments  

The Balik Trojan as a dangerous malware threat is being spread onto fake hacker-made sites, in the case of the ongoing attacks they are fake VPN sites. According to the available security reports this is done by using a sophisticated approach. The criminal group, of which we don’t have concrete information, is using a free multimedia editor to create the fake VPN sites. They are hosted on addresses which sound similar to the legitimate services used by end users.




Fake VPN Sites Used As Conduits For Spreading The Balik Trojan

Computer criminals are actively attempting to scam computer users into getting infected with the Balik Trojan. What we know is that the previous attempts at spreading this particular threat was done by hacking download portals and various Internet pages, at this time the main method is to construct dangerous landing pages that appear to the end users as legitimate VPN services and privacy tools.

Related: [wplinkpreview url=”https://sensorstechforum.com/vpn-cve-2019-11510/”]VPN Services Attacked By CVE-2019-11510 Vulnerability

At the moment the intrusions are done via several sites that are almost perfect copies of the Nord VPN service — they include contents which are exactly copied from the original site. They are also hosted on similar sounding domain names which are often confused by the users. What’s particularly worrying about this particular threat is that it includes a legitimate security certificate which will not prompt the browsers to display warning messages concerning the privacy of the pages.

The Bolik Trojan which is delivered by these campaigns is an improved malware threat whch can be used for a variety of dangerous tasks:

  • Web Injection — This component has the ability to interact with the web browsers and manipulate with the displayed pages and fields.
  • Keylogger Installation — These are small-sized scripts or programs that will acquire the user input of the victims and transmit it to the operators.
  • Data Theft — The criminals can look for data that can expose sensitive information about the victims and any stored passwords or account credentials.

The behavior of the Bolik Trojan is typical of most banking malware — it is designed mainly to identify if the users are running any online banking services and will hijack the used account data.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Related posts:
  1. Most Secure VPN for Turkey RATING ENCRYPTION DNS Leak Protection LOGGING SERVERS 1 Hotspot ShieldSee...
  2. Most Secure VPNs for USA (2021) RATING ENCRYPTION DNS Leak Protection LOGGING SERVERS 1 Hotspot ShieldSee...
  3. The Most Secure VPN Services (Update July 2020) RATING ENCRYPTION DNS Leak Protection LOGGING SERVERS 1 NordVPNSee Review...
  4. Top Logless VPN Services in 2018 RATING ENCRYPTION DNS Leak Protection LOGGING SERVERS 1 NordVPNSee Review...
  5. CyberGhost VPN Software Review (Update June 2020) Stop mass surveillance and browse freely by using a VPN....
  6. VPN Unlimited by Keep Solid – Review This article has been created to review and demonstrate how...
  7. Test Your VPN Service’s Security (2020) This article has been created to teach you how you...
  8. How to Secure Your Online Banking With a VPN This article has been made to explain to you how...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree