
Hackers Use Fake Anti-Hacking Tool 'AntiHacker' to Attack Syrian Activists

Posted: August 17, 2012

It wasn't really that long ago that speculators and conspiracy theorists painted a new type of war, one that would be fought and won or lost in cyberspace. At the time, it sounded like some sci-fi movie madness or intergalactic fantasy, but the reality is that battles are being waged in cyberspace on a daily basis, and some are politically motivated.

Amid a heated Syrian civil war, local dissidents and activists are being targeted and spied upon by pro-government forces. The surveillance tool of choice is AntiHacker, a malicious program that poses as a computer security and protection tool. This is not the first time malware has been used as a defense tool or weapon and, believe me, it won't be the last, as the reach and sophistication of technology go where no man has ever gone before. Social networking is worldwide and so is the use of the famed Internet, a bridge and possible entry into homes and personal space. Computers hold valuable data, pretty much our entire lives, including our finances or, in some cases, corporate secrets, including defense strategies.

Deceptively installing surveillance malware is not all that new, but targeting political rivals or foes is growing increasingly common, and this is not a good thing. AntiHacker is being propagated using common distribution vectors, for instance Facebook or other social networking platforms, to lure or trap potential targets. Once the user clicks and runs the program, a pop-up or prompt appears that reads as follows:

You PC is Protect now thank you for using our Product [sic].

Another prompt being used as a scare tactic is this one:

You Are Running On unprotected Connection You Maybe At Risk !!!! [sic]

Often targets or victims do not pay attention to obvious signs, such as misspellings, poor grammar or sentence construction, all dead giveaways. Following the behavior of legitimate security tools, AntiHacker promises to 'Auto-Protect & Auto-Detect & Security & Quick scan and analyzing [sic]' but instead it immediately begins spying on its target. Remote access is given to a hacker, who can then use DarkComet RAT to watch his target's every move through the eyes of the infected computer's webcam. Similar to other malware, the Trojan is able to deactivate weaker antivirus or antispyware tools so that it can work uninterrupted. Additionally, the target's vital data will be stolen, email addresses harvested and system data gathered.

You should never click on links or attachments without verifying the source. You should also never download files or programs from unfamiliar websites. Unfortunately, the malware housing AntiHacker is not yet detectable by most antivirus or antispyware tools. The only way to ensure your system is not housing surveillance malware aimed at spying on you is to run a scan of your entire system using a stealth antimalware tool. It is highly likely the Trojan is using obfuscation tricks to conceal its malicious activity. Rootkit technology, for example, helps mask and bury files so they read the same as legitimate operating system files. Deleting or removing critical files that an amateur may assume are malicious could corrupt the hard drive, and you'll be left staring at a blank blue screen.
