fake websites Archives

Fake Amnesty International Campaign Delivers Malware

Fake Amnesty Int'l website, malicious websites, malware, Ophtek, Pegasus spyware, Sarwent malwarefake websites, malicious websites, malware, Ophtek, pegasus spyware, sarwent malwareOphtek, LLC

Oct 2021

The Pegasus spyware has made headlines around the world, but it appears that the anxieties around Pegasus are being used to spread further malware.

The sophistication behind the Pegasus spyware and the near impossibility of detecting, let alone removing, it has proved to be a fearsome combination. Naturally, many users are becoming increasingly concerned that they could fall victim to it. While Pegasus is only being used to target high ranking individuals, the fact that the technology is available means that no one is safe. Concerns are running high and people are desperate to protect themselves.

This anxiety is now being targeted by hackers who have designed a malicious website which, far from offering protection, is packed full of malware.

The Malicious Website

The website in question has been set up to resemble that of the global humanitarian group Amnesty International. Hosted on this fake website is an application which claims to be an antivirus program capable of protecting users from Pegasus. However, this application is nothing more than a sham. Instead, users will find that they are downloading a strain of malware known as Sarwent. Active since 2014, the Sarwent malware may look like antivirus software, but it’s more concerned with setting up backdoor access, stealing data and accessing users’ desktops.

This version of Sarwent appears to have had its source code tinkered with to make it more effective. It immediately records information about the infected user – such as operating system, system structure and whether antivirus software is installed – and then begins receiving commands from a remote system. Hackers are gifted the opportunity to download further malware, transmit confidential nature to external users and take control of users’ PCs. The attacks have been detected globally with the US, UK, Russia and India all being affected.

Avoiding the Threat of Sarwent

The strategies and methods of attack employed by Sarwent have the potential to cause major damage. While it may not be quite as dangerous as Pegasus, it represents a significant headache to anyone who falls victim to it. You can avoid these IT disruptions by implementing these best practices:

Don’t Download from Unknown Sources: Malicious websites on the internet run into tens of millions and act as major security risks. Allowing employees to download software from unknown sources is a dangerous privilege to have in place. As the fake Amnesty International website has demonstrated, it’s easy to be manipulated into downloading dangerous software. Minimize the availability of download privileges within your organization to maximize security.

Learn How to Identify Malicious Websites: Key to avoiding malicious downloads is by understanding how to identify a malicious website. Always read URLs carefully to confirm whether it is the website it claims to be – spelling mistakes are a classic giveaway. Always hover your mouse over any embedded links to verify where the link will actually send you to. And, remember, if it sounds too good to be true then it probably is. Pegasus is a sophisticated spyware tool and is unlikely to be solved by a basic antivirus app.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Hidden in Fake Microsoft DirectX Download Page

Antivirus, Direct X, fake emails, fake websites, malicious websites, Microsoft, Ophtekantivirus, Direct X, fake emails, fake websites, microsoftOphtek, LLC

May 2021

Microsoft is a name you should be able to trust. But, online, nothing is ever quite as it seems. And that’s why you need to be careful what you click.

DirectX is a crucial component when it comes to processing multimedia materials on Windows PCs. It has been in use for over 25 years now and is an established element of the Windows experience. But it’s this familiarity, and reliance on the software, which makes it the perfect target for hackers. Accordingly, security researchers have discovered a fake web page which claims to carry a genuine version of the software. Unfortunately, the only thing that this download contains is untold trouble and chaos for IT systems.

It’s always important to be aware of the latest threats, so we’re going to take you through the processes involved in this new attack.

Fake Website Spells Danger

The fake website in question has been set up by hackers to look like a genuine site offering a download of DirectX 12 for Windows. The hackers have been careful to disguise the website as genuine by putting some effort into its design. Most malicious websites are basic with the main emphasis being on a download button. While this latest website does rely on a download button, the designers have also included additional pages including: a contact form, copyright infringement details, a privacy policy and a legal disclaimer. This ‘extra effort’ is used in order to create a false sense of security.

Victims of this download scam are likely to find themselves at this website through a number of means: they may have received fake emails urging them to download a new version or they may have found the website through a search engine. Either way, the results of infection are the same. Clicking on the download page will forward users to a remote website where they are prompted to download the software. Two options are put forwards to the user: a 32-bit or a 64-bit version. Both files will then download further malware capable of the following:

Stealing confidential data such as login credentials by recording keystrokes
Unauthorized transmission of user files
Accessing a wide range of cryptocurrency wallets to steal funds

How to Avoid the Dangers of Malicious Websites

The threat of malicious websites is nothing new, but their continued presence online indicates that PC users need continual refreshers on them. Therefore, make sure that your staff practice the following:

Only ever download software from the manufacturer’s official website e.g. DirectX software should only be downloaded from Microsof t. And always double check that the website address is genuine. If in doubt, get an IT professional to verify it.

Understand the dangers of phishing emails and the best ways to identify what is genuine and what is fake.

Install anti-virus software on your PCs that evaluates websites and blocks those that are suspected of being malicious. This is a common feature of almost all anti-virus software and offers you a valuable moment of thought before proceeding.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Tag Archives: fake websites