We all know very well that cybercriminals are still determined to affect computers that run the software of the Redmond company, of course, the tech giant Microsoft’s Windows. Now, according to the latest reports, recently a new malware has been discovered which simply steals passwords from the Windows PCs.
WARNING! This Malware Stealing Passwords From Windows PCs
Cybercriminals are still determined to affect computers that run the software of the Redmond company, of course, the tech giant Microsoft’s Windows. The last detected threat is called Fauxpersky. No, it is not a new antivirus of the Russian company, although it may seem. It is a malware that is distributed among computers with Windows operating system using USB drives. For a long time, this has been one of the most widely used means of distribution, and it seems that once again, they have tried to rescue it.
Since several companies specializing in cybersecurity indicate that it is not one of the most sophisticated or at least compared to what exists today. Taking into account that we talk almost daily about computer viruses that encrypt the files and mine cryptocurrencies taking advantage of the hardware of the infected computers.
It is an effective threat when it comes to infecting USB drives and stealing information, even from services such as Gmail or Outlook. Yes, it could be said that we are facing a keylogger whose operation is very good, to the detriment of the users of the infected computers.
Now it’s time to talk about the name of the threat. We have already indicated that it is not a new solution from the Russian firm Kaspersky.
When Fauxpersky arrives in the system, it seeks in some way to steal the identity or perform the same functions as the security tools of the Russian company. In this way, it seeks to camouflage the activity for users. Those who are not so adept at Internet issues, will not realize what is happening.
Fauxpersky and USB drives
As we have indicated, the threat uses pendrives and hard drives to be extended to other computers. For this reason, users are advised to exercise extreme caution when connecting units to public computers.
Security experts indicate that, on paper, the threat should detect without any problem if we have a security tool, even if it is not up to date. This means that the Fauxpersky is based on an old threat.
How to know if my computer is infected
Experts indicate that this threat seeks to highlight as little as possible during the operation of the equipment. All the time that is active during the handling of the equipment by the user will suppose a greater collection of information. In the end, this type of software is intended to collect access credentials to different services, and then sell them on the Internet.
Experts indicate that it is relatively easy to know if the equipment is infected. Simply go to the Windows Task Manager and locate one of the following processes:-
- Explorers.exe
- Spoolsvc.exe
- Svhost.exe
- Taskhosts.exe
As you can see, they are very similar to others that correspond to the operating system. Luckily for users, uninstalling the threat is not a complicated process. You can resort to Malwarebytes and proceed with the deletion of the folder%appdata%\Roaming\Kaspersky Internet Security 2017. With this, it would be more than enough to get Fauxpersky does not cause more problems. If the equipment is infected, it is also advisable to modify the passwords of the services, to avoid unauthorized use of the accounts.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.
