I recently read an article that talks about the WebMonitor RAT that comes bundled in a Zoom installer. The normal Zoom installer, which I ended up running once, comes with nothing to be concerned about.
Actors decided to make their own installer of Zoom, and put this thing in it. This is why it is important to get applications from their official stores or web sites, and not from some shady actor who says you need an update or an installer.
When I went to go to a Zoom conference, I went to the link from the site I was on that was advertising this meeting. From there, I installed the application, and tried the link again. It let me in, and I was able to listen to the meeting. I chose not to participate by asking questions, but I found that session interesting.
Plenty of malware variants pose as legitimate applications to conceal their malicious intent. Zoom is not the only app used for this type of threat, as many other apps have been used for this attack as well. For this particular instance, cybercriminals may have repackaged the legitimate installers with WebMonitor RAT and released these repackaged installers in malicious sites.
The article also talks about the fact that official stores and sites should be used and problematic apps do not come from these channels. This can’t be stressed enough.
To show how much of a threat this thing can be, here are the things it collects, according to the Trend Micro article.
• Battery Information
• Computer Information
• Desktop Monitor Information
• Memory Information
• Network Adapter Configuration
• OS Information
• Processor Information
• Video Controller Information
It doesn’t seem to be a whole lot, but it sends it to an IP you may not even be aware of, to a particular PHP file which is mentioned within the article. You really don’t know what actors could do with this info, and I hope we don’t get targeted with this thing, either by email or by accident somewhere.
WebMonitor RAT Bundled with Zoom Installer is the article if you wish to learn more about this stealthy way of getting things on machines. Enjoy!