It is passed off as a tool for recovering forgotten passwords, but it is actually a dropper for malware. The alarm comes from researchers at Dragos: the cybersecurity experts analyzed a technique used to attack the technical staff of large companies.
The tool is sold on seemingly legitimate marketplaces, where it is passed off as a professional tool for businesses. Dragos researchers bought some of this software, only to discover its true nature through reverse engineering.
The software, the researchers found, hid the dropper for a malware called Sality. The infected computer was then exploited for cryptocurrency mining, among other things, resulting in a major drop in performance.
The tool did in fact do what it promised: using an exploit, it was able to recover passwords. However, the Dragos experts still warn about the nature of these malicious tools: the Sality malware makes the computer vulnerable to remote access.
According to the Dragos researchers, the same technique was used to spread the malware through cracked versions of other tools and software for professional use.
Source: Lega Nerd