Skip to main content

Watch Out For Old Hacking Technique Offering Free Downloads

By September 11, 2019May 16th, 2022Cybersecurity

An old hacking technique is getting new attention from hackers around the world, and it underscores the fact that people must exercise extreme caution when it comes to deciding who to trust and where to download files from.

Hackers have long been in the business of spoofing legitimate sites; making exact replicas of popular websites offering a variety of free downloads.

Of course, instead of getting genuinely useful code, you find yourself on the poisoned domain. Rather than the legitimate site, what you download will be malware of one type or another.

The most recently discovered instance of this involves the Smart Game Booster site.  It’s a legitimate piece of code that helps to improve the performance of the games you play, and it has become popular enough that it’s caught the attention of at least one hacking group. That group cloned the site and pretends to offer the same product.

In this case though, the malware the hackers deploy is one of the more insidious we’ve seen.  Unlike many malware attacks which latch onto a system with a persistent presence, this one runs only once and then deletes itself. Even more alarming is that it leaves no trace that it was ever there.

When it runs, it scans the infected device for passwords, your browser history, any cryptocurrency wallets you may have, and a wide range of other critical files.  It collects these and sends all the data to its command and control server, and then self-destructs.

With no outward sign, many users will be completely unaware that there’s a problem until they start seeing suspicious charges on credit cards, noticing funds being removed from bank accounts and the like.  By then of course, it’s far too late.

The bottom line here is simple:  Be mindful about where you download files from.  Check your URLs, and unless you can avoid it, never stray far from the big, well-respected sites like the Apple Store, Microsoft Store, or Google Play Store.  It’s just not worth the risk.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.