Hacked Zoom Installer Takes Over Your PC – Protect Yourself Now

Two more corrupted Zoom installers are waiting for people to download and run, Trend Micro researchers reported today (May 21).

"These malicious fake installers were not provided by the official Zoom installation distribution channel," researchers Raphael Centeno and Llallum Victoria said in a blog post. "One of the samples installs a backdoor that allows malicious actors to remotely execute malicious routines, while the other involves the installation of the Devil Shadow botnet on the device."

These installers are hardly "fake," because they actually install Zoom on your PC. However, because of the extra malware, the files are noticeably larger and take longer to run than the regular Zoom installers, and they are not on Zoom's official download page.

To make sure you are not infected with this malware, get Zoom software only from Zoom's website. Also, use one of the best antivirus programs that can detect these two pieces of malware.
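One way to check a downloaded installer before running it, shown here as an added example that does not come from Trend Micro or Zoom. It assumes the genuine installer carries a valid Authenticode signature whose signer name is "Zoom Video Communications, Inc."; the function name and the file path in the usage comment are placeholders.

```powershell
# Added example: inspect an installer's signature, size and hash before running it.
# Assumption: the expected signer name below. Confirm it against a copy taken
# from Zoom's official download page.
function Test-InstallerPublisher {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string] $ExpectedSigner = 'Zoom Video Communications, Inc.'
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    $file = Get-Item -LiteralPath $Path
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $hash = Get-FileHash -LiteralPath $Path -Algorithm SHA256

    # Unsigned files have no signer certificate, so guard before reading it.
    $signer = ''
    if ($sig.SignerCertificate) {
        $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $signer   = $sig.SignerCertificate.GetNameInfo($nameType, $false)
    }

    # 'Valid' means the file is unmodified since signing and the chain is trusted.
    $signatureValid = $sig.Status -eq [System.Management.Automation.SignatureStatus]::Valid
    $signerMatches  = $signer -eq $ExpectedSigner

    [pscustomobject]@{
        Path            = $file.FullName
        SizeMB          = [math]::Round($file.Length / 1MB, 2)  # compare with the official copy
        SHA256          = $hash.Hash
        SignatureStatus = $sig.Status
        Signer          = $signer
        LooksGenuine    = ($signatureValid -and $signerMatches)
    }
}

# Usage (placeholder path):
# Test-InstallerPublisher -Path "$env:USERPROFILE\Downloads\ZoomInstaller.exe"
```

A file that wraps the real installer together with extra components cannot carry Zoom's valid signature, so `LooksGenuine` comes back `False` for it; treat any result other than `True` as a reason to delete the file and download again from Zoom's website.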

In fact, it is not necessary to install Zoom software to participate in a Zoom meeting.

The first of these two corrupted installers terminates existing remote desktop software, opens an obscure network port, and steals the login credentials of legitimate users of the PC, allowing its own remote attacker to connect to the PC.

The second malicious installer connects to a remote server controlled by the attacker and sets the malware component to run at system startup. It is designed to hijack webcams, take screenshots, record keystrokes, and penetrate firewalls. It also checks for the type of antivirus software installed.

"Both malware can be used to infiltrate the systems of high-value targets in corporate and non-business industries to steal proprietary and confidential information," the Trend Micro researchers wrote.

This is not the first time that Zoom installers have been corrupted by malware. In early April, the same Trend Micro researchers discovered a cryptocurrency miner embedded in a working Zoom installer. At the end of April, Trend Micro discovered another remote access Trojan (essentially a PC hijacking kit) embedded in the Zoom installer program.

Despite what Zoom would have you believe, you can join a Zoom meeting without installing anything. Any recently updated web browser will do.

When you click on the Zoom meeting link, a page will pop up in your browser asking you to install Zoom. Ignore it and try clicking the meeting link on the web page a couple more times.

Eventually, a link to join the meeting from your browser will appear in small text. Click on it and you can join, although you may need to create a Zoom account.
