https://sputnikglobe.com/20220104/purple-fox-virus-attack-fake-telegram-messenger-apps-hack-devices-with-lethal-malware-1092012711.html
Purple Fox Virus Attack: Fake Telegram Messenger Apps Hack Devices With Lethal Malware
Purple Fox Virus Attack: Fake Telegram Messenger Apps Hack Devices With Lethal Malware
Sputnik International
The Windows-based malware Purple Fox was first discovered in 2018. It comes with rootkit software, a type of malware that is designed to remain hidden on your... 04.01.2022, Sputnik International
2022-01-04T15:59+0000
2022-01-04T15:59+0000
2023-02-10T09:03+0000
cyber attack
cyber
telegram
fake
malware
telegram
virus
trojan
cybersecurity
https://cdn1.img.sputnikglobe.com/img/105496/79/1054967975_0:128:3001:1816_1920x0_80_0_0_5949a12bb2d285cf0a9187a1aded9034.jpg
The Purple Fox Malware attack is once again making headlines globally after cyber-security researchers sounded the alarm about the fake Telegram Messenger apps at present being used to hack devices.According to research published by the Minerva Labs website, the cyber-security researchers described the Purple Fox rootkit infection as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads.The way the lethal malware attacks the device is in different stages. After the Telegram installer file gets downloaded, its AutoIt script drops a legitimate installer for the chat app and a malicious downloader called "TextInputh.exe", the latter of which is executed to retrieve the next-stage malware.The downloaded files then proceed to block antivirus softwares, before advancing to the final stage that results in the download and execution of the Purple Fox rootkit.“We found a large number of malicious installers delivering the same Purple Fox rootkit version using the same attack chain. It seems as though some were delivered via email, whereas others we assume were downloaded from phishing websites,” researcher Natalie Zargarov said in the research report.During the investigation, the cyber-security researchers found that the threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by (antivirus) engines, “with the final stage leading to Purple Fox rootkit infection”.
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rosiya Segodnya“
2022
Sangeeta Yadav
https://cdn1.img.sputnikglobe.com/img/07e4/08/1b/1080292803_0:121:960:1081_100x100_80_0_0_7490b319dab9611e309056b177265184.jpg
Sangeeta Yadav
https://cdn1.img.sputnikglobe.com/img/07e4/08/1b/1080292803_0:121:960:1081_100x100_80_0_0_7490b319dab9611e309056b177265184.jpg
News
en_EN
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rosiya Segodnya“
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rosiya Segodnya“
Sangeeta Yadav
https://cdn1.img.sputnikglobe.com/img/07e4/08/1b/1080292803_0:121:960:1081_100x100_80_0_0_7490b319dab9611e309056b177265184.jpg
cyber attack, cyber, telegram, fake, malware, telegram, virus, trojan, cybersecurity
cyber attack, cyber, telegram, fake, malware, telegram, virus, trojan, cybersecurity
Purple Fox Virus Attack: Fake Telegram Messenger Apps Hack Devices With Lethal Malware
15:59 GMT 04.01.2022 (Updated: 09:03 GMT 10.02.2023) The Windows-based malware Purple Fox was first discovered in 2018. It comes with rootkit software, a type of malware that is designed to remain hidden on your computer beyond the reach of antivirus solutions.
The Purple Fox Malware attack is once again making headlines globally after cyber-security researchers sounded the alarm about the fake Telegram Messenger apps at present being used to hack devices.
According to research published by the
Minerva Labs website, the cyber-security researchers described the Purple Fox rootkit infection as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads.
The way the lethal malware attacks the device is in different stages. After the Telegram installer file gets downloaded, its AutoIt script drops a legitimate installer for the chat app and a malicious downloader called "TextInputh.exe", the latter of which is executed to retrieve the next-stage malware.
The downloaded files then proceed to block antivirus softwares, before advancing to the final stage that results in the download and execution of the Purple Fox rootkit.
“We found a large number of malicious installers delivering the same Purple Fox rootkit version using the same attack chain. It seems as though some were delivered via email, whereas others we assume were downloaded from phishing websites,” researcher Natalie Zargarov said in the research report.
During the investigation, the cyber-security researchers found that the threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by (antivirus) engines, “with the final stage leading to Purple Fox rootkit infection”.
