go to sections menu

Web Monitoring Rat bundled in an installer of Zoom? Have fun with this one from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > Web Monitoring Rat bundled in an installer of Zoom? Have fun with this one

Go to Homepage, contents or to navigation menu



Web Monitoring Rat bundled in an installer of Zoom? Have fun with this one

I recently read an article that talks about a web monitor Rat that comes bundled in a Zoom installer. The normal Zoom installer which I ended up running once comes with nothing to be concerned about.

Actors decided to make their own installer of Zoom, and put this thing in it. This is why it is important to get applications from their official stores or web sites, and not from some shady actor who says you need an update or an installer.

When I went to go to a zoom conference, I went to the link from the site I was on that was advertising this meeting. From there, I installed the application, and tried the link again. It let me in, and I was able to listen to the meeting. I chose not to participate by asking questions, but I found that session interesting.

Plenty of malware variants pose as legitimate applications to conceal their malicious intent. Zoom is not the only app used for this type of threat, as
many other apps have been used for this attack as well.  For this particular instance, cybercriminals may have repackaged the legitimate installers with
WebMonitor RAT and released these repackaged installers in malicious sites.

The article also talks about the fact that official stores and sites should be used and problematic apps do not come from these channels. This can’t be stressed enough.

To show how much of a threat this think can do, here are the things it collects according to the Trend Micro article.

• Battery Information
• Computer Information
• Desktop Monitor Information
• Memory Information
• Network Adapter Configuration
• OS Information
• Processor Information
• Video Controller Information

Itt doesn’t seem to be a whole lot, but it sends it to an IP you may not even be aware of, to a particular php file which is mentioned within the article. You really don’t know what actors could do with this info, and I hope we don’t get targeted with this thing, either by email or by accident somewhere.

WebMonitor RAT Bundled with Zoom Installer is the article if you wish to learn more about this stealthy way of getting things on machines. Enjoy!


Informazioni sull'articolo

Web Monitoring Rat bundled in an installer of Zoom? Have fun with this one was released on May 11, 2020 at 4:15 pm by tech in article commentary.
Last modified: May 11, 2020.


Comments (0)

No comments yet.

Leave a comment

You must be logged in to post a comment.

go to sections menu


navigation menu

go to sections menu