Looking for bootleg software? Be careful; it might lead you to download malware.
Antivirus provider Kaspersky has discovered one such malware strain trying to infect tens of thousands of Windows PCs through websites that pretend to offer cracks and key generators for legitimate software programs.
The malware is known as NullMixer, and it has so far attacked over 47,500 users, Kaspersky said in a report released on Monday. Once installed, it can download over 20 Trojans and malicious programs, including spyware, login and credit card stealers, and backdoors, along with other programs capable of retrieving even more malware.
A victim can be tricked into accidentally installing NullMixer if they search for software cracks on search engines such as Google. These software cracks are often designed to let you run legitimate software on a PC, but without buying a license key.
The hackers behind NullMixer have been exploiting these software cracking sites to reroute users to download a ZIP file that will run NullMixer. “Notably, the cybercriminals used professional SEO tools in order to come up early in search engine results, so they could easily be found when searching for cracks and keygens over the internet and could target as many users as possible,” Kaspersky added.
The infection occurs when the user extracts the "win-setup-i864.exe" file from the archive and decides to run it. Doing so will trigger it to launch another executable, which will then proceed to drop “dozens of malicious files” onto the PC, Kaspersky said. In addition, the malware will try to disable the real-time monitoring from Microsoft’s Windows Defender system.
“Since the beginning of the year we’ve blocked attempts to infect more than
Read more on pcmag.com