Cybercriminals attacking businesses via Log4j vulnerability and via RATs abusing Azure and AWS

The vulnerability in Log4j, a Java logging library, proved extremely dangerous for businesses because of the ubiquity of the library and the ease of exploitation. Avast researchers observed coinminers, RATs, bots, ransomware, and APT groups abusing the vulnerability. Various botnets abused the vulnerability, including the infamous Mirai botnet. Most bot attacks were just probes testing the vulnerability, but Avast also noticed numerous attempts to load potentially malicious code. For instance, some RATs were spread using the vulnerability, the most prevalent of which were NanoCore, AsyncRat and Orcus. A low-quality ransomware, called Khonsari, was the first ransomware the researchers saw exploiting the vulnerability.

In addition to exploiting the Log4j vulnerability to spread RATs, cybercriminals exploited the CVE-2021-40449 vulnerability, which was used to elevate permissions of malicious processes by exploiting the Windows kernel driver. Attackers used this vulnerability to download and launch the MysterySnail RAT.

Moreover, a very important cause of the high NanoCore and AsyncRat detections was a malicious campaign abusing the cloud providers Microsoft Azure and Amazon Web Services (AWS). In this campaign, malware attackers used Azure and AWS as download servers for their malicious payloads to attack businesses.

Moreover, Avast researchers saw the bad actors behind Emotet rewrite several of its parts, reviving their machinery, and taking the botnet market back with the latest Emotet reincarnation.

Adware, Coinminers, and Tech Support Scams Targeting Consumers

Desktop adware and rootkit activity increased in Q4/2021. Avast researchers believe these trends are related to the Cerbu rootkit, which can hijack browser homepages and redirect site URLs according to the rootkit configuration. Cerbu can therefore easily be deployed and configured for adware, annoying victims with unwanted ads, and is capable of adding a backdoor to victims' machines.