Sneaky New Malware Avoids Detection

Anyone who uses the internet can fall victim to malware. The malicious code is often so cunning that researchers only detect its presence after the first attack. For the average consumer, the situation is much worse. Tap or click here to learn how malware exposes passwords stored in browsers.

As malware becomes more sophisticated, you need to be more vigilant than ever. Some may not even be aware that their device is already infected. But it’s not entirely their fault, as a new malware variant makes detection a nightmare.

Although BLISTER has been around since early last year, security researchers are just now figuring out how it works. Read on to see how the new malware can trick your system into believing it’s harmless.

Here’s the backstory

Cyber ​​criminals use various methods to hide malware from antivirus software or app store detection. Sometimes the malicious code is embedded in documents such as Word or PDF files or victims are redirected to download malware from infected web links.

But BLISTER uses an ever-expanding technique that can be more dangerous. The Elastic Security team noted that the malware uses a valid code signing certificate. This means that it piggybacks on legitimate software by tricking the antivirus.

Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

By assigning a valid code signing certificate to itself, BLISTER is more unobtrusive than most malware. Elastic Security points out that it can penetrate systems without detection.

Since the primary input method is through a signed certificate, BLISTER can spread through apps, infected links, or embedded in files. It can pretend to be something harmless and the certificate matches, but the delivered cargo can trigger information-stealing processes.

What can you do about it?

One defense you have against malware is to keep your device’s operating system and software up to date. Developers release a series of patches every month that fix any vulnerabilities, and antivirus providers update their threat libraries.

Here are a few other things you can do to stay safe online:

Only download apps from official app stores and never use third-party app libraries for content. Do not click on links in unsolicited emails or text messages. Malware can hide in attachments or links that redirect you to a malicious website. It’s always a good idea not to click on pop-ups or banners, especially for products or services you’re unfamiliar with. Never share personal information too much on social media. It can later be used in social engineering attacks. Have trusted antivirus software on all your devices.

If you are looking for a great antivirus solution, we recommend our sponsor, TotalAV† Get an annual subscription now from TotalAV Internet Security for only $19 at† That’s over 85% off the regular price.

keep reading

If you click on any of these texts, cunning malware can take over your phone


Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

Cunning new malware steals your money and then wipes your phone

Leave a Reply

Your email address will not be published.