A recent malware attack on Zoom users aimed at stealing private banking information was stopped.
The malware was identified by experts at Cyble Research & Intelligence Labs, and while Fox News Digital has been told that the website hosting the malicious download is no longer available, experts are warning Zoom users to watch out for future attacks.
What does this malware do?
The malware, known as IcedID, was actively spread by threat actors using modified versions of the Zoom app. This affected a large number of companies, as Zoom’s popularity grew exponentially, especially among companies that moved to work from home at the beginning of the COVID-19 pandemic in 2020. The malware acts as a loader (a type of malware used to install other malware on a PC): it steals private information from these companies and drops additional malware onto their employees’ computers.
This means that it steals sensitive information and also potentially installs other malware that can cause more damage. This can cause significant harm to affected companies, as they may lose valuable information and suffer additional security breaches or system disruptions.
Apart from being a loader, IcedID can also download additional modules from the internet and introduce other families of malware, which makes it very difficult for the user to get rid of once it has been implanted on the computer. Once downloaded, its primary purpose is to steal private banking credentials.
How does the malware spread?
The most common way IcedID is spread among users is via spam emails, with the malware hidden inside malicious Office files sent as attachments. This time around, however, the attackers targeting Zoom users experimented with a new technique that not many were ready for.
They used a phishing website called Explorezoom.com to deliver the malware. This is a forged website disguised as an official Zoom domain whose sole purpose is to deliver IcedID malware. The page tells users that to use Zoom, they must download a file called ZoomInstallerFull.exe. The file downloads the actual Zoom app to distract the user from realizing that IcedID malware is also being downloaded to their device.
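One way a defender could flag this kind of download in web proxy logs, as an added example that is not part of the original article: it marks installer downloads from hosts that contain the Zoom brand but do not belong to an official domain. The `OFFICIAL_DOMAINS` allowlist, the naive domain extraction and the sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains treated as official here; maintain your own allowlist.
OFFICIAL_DOMAINS = {"zoom.us", "zoom.com"}
BRAND = "zoom"
INSTALLER_EXTS = (".exe", ".msi")


def registrable_domain(host):
    """Naive eTLD+1 (last two labels). Assumption: no multi-part suffixes
    such as .co.uk; use a Public Suffix List library for real traffic."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(url):
    """Return 'official', 'lookalike-installer', 'lookalike' or 'unrelated'."""
    parts = urlsplit(url)
    # .hostname drops any "user@" prefix and port, so a URL such as
    # https://zoom.us@other.example/ is judged by its real host.
    host = (parts.hostname or "").lower()
    if registrable_domain(host) in OFFICIAL_DOMAINS:
        return "official"
    if BRAND not in host:
        return "unrelated"
    if parts.path.lower().endswith(INSTALLER_EXTS):
        return "lookalike-installer"
    return "lookalike"


def flag_downloads(urls):
    """Return the URLs that deserve an analyst's attention, with verdicts."""
    verdicts = ((u, classify(u)) for u in urls)
    return [(u, v) for u, v in verdicts if v.startswith("lookalike")]


# Constructed sample log entries (paths are illustrative, not observed ones).
SAMPLE_URLS = [
    "https://zoom.us/download/ZoomInstallerFull.exe",
    "https://Explorezoom.com/ZoomInstallerFull.exe",
    "https://zoom.us@explorezoom.com/ZoomInstallerFull.exe",
    "https://zoom.us.example.net/client/setup.msi",
    "https://explorezoom.com/",
    "https://example.org/tools/setup.exe",
]

if __name__ == "__main__":
    for url, verdict in flag_downloads(SAMPLE_URLS):
        print(f"{verdict:20} {url}")
```
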
How can I protect myself from IcedID?
The best way to protect yourself from any kind of malware is by installing high-quality antivirus protection on your device. You can install this on your phone, tablet and laptop. It would be a good idea for you to suggest this to your company if you are someone who works from home and uses a device provided by your employer.
The best virus protection
It is crucial that all of your devices are protected from the constant threats online. See my expert review of the best antivirus protection for Windows, Mac, Android and iOS by searching for “best antivirus” on CyberGuy.com by clicking the magnifying glass icon at the top of my website.
Have you or someone you know been attacked by this malware called IcedID? If so, we’d love to hear from you.
For more of my security tips, head over to CyberGuy.com and be sure to sign up for my free CyberGuy Report newsletter by clicking the “Free Newsletter” link at the top of my website.
Editor’s note: This story has been updated to reflect that the malware attack is not currently in progress.
Copyright 2023 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn commission when purchases are made.