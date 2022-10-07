Leonardo Godim* – State of Minas

Brazil is the country most attacked by the NullMixer virus, a malware that steals passwords, address, credit card data, cryptocurrencies and even Facebook and Amazon accounts. The discovery was made by Kaspersky researchers. About 10,000 Brazilians have already been attacked.

The number represents 20% of all 47,000 detections of the virus around the world. The country has had 2.5 times more attacks than the second place in the number of registered cases, India.

NullMixer

NullMixer virus is distributed through websites that offer pirated programs and activators for illegally downloaded software. This is a common means of propagating viruses on the internet, but according to experts, NullMixer stands out for being much more dangerous.

It is considered a “dropper”, or “dropper”, a type of trojan that works by installing various viruses on the infected machine.

The attack starts when the victim, when trying to download the software illegally, is redirected to a page with the program’s password and instructions on how to install it. Everything looks normal – but in fact the person is installing a “Trojan horse” on the computer.

When installed, NullMixer launches a torrent of malware – malicious programs used to cause harm – such as spyware, backdoors, trojans for bank robberies and other threats.

Among these threats are Redline and Disbuk, two malware that hunts credit card and cryptocurrency data from infected computers. According to Kaspersky, by stealing cookies from Facebook and Amazon with Disbuk, scammers gain access to victims’ accounts and can use all the data they have registered, including payment details.

pirated programs

Cybercriminals use professional SEO tools to appear in the top results of search engines such as Google. When someone searches for terms such as “cracks” and “keygens” – programs used to activate pirated software – the website with the virus appears as an option.

“Any download of files from untrustworthy sources is a real roulette wheel: you never know if what is downloaded is the expected software or if it will come with some freebie malware. With NullMixer, any information you type on your keyboard will be available to scammers: from messages sent to your friends on social networks to logins and passwords from your device or cryptocurrency accounts. Keep this in mind when you decide to download from an unknown website, because this threat can always be avoided using only licensed products and robust security solutions”, comments Fabio Assolini, director of Kaspersky’s Global Research and Analysis Team in Latin America.

