This malware collects enough information to steal your identity and is hiding in popular app downloads

Hackers have begun impersonating a number of popular apps to spread malware, according to a new blog post from cybersecurity firm Cyble.

According to the blog post from Cyble, hackers have begun using phishing pages designed to spoof a number of popular apps online. Users may think they are downloading a widely used app, but they are actually installing malware on their computers.

On January 16, the company's researchers discovered a phishing site spoofing a popular chat app. The next day, the same phishing site was transformed to mimic the site of remote desktop tool TeamViewer. This indicates that the hackers behind this campaign are actively modifying and customizing phishing sites to target many popular applications.

When users click the download button on these phishing sites, malware named "messenger.exe" or "teamviewer.exe" is downloaded to their PCs. However, the hackers behind this campaign use a clever trick to bypass the best antivirus software. It helps the malicious executable files get past security checks, because larger files are harder for antivirus software to detect.

In this case, the malware being distributed is Aurora infostealer, which, as its name suggests, is capable of collecting all kinds of sensitive data from browsers, browser extensions, cryptowallets, and user directories on infected machines. Remarkably, the malware can also extract data from Telegram if the user has a desktop app installed.

Once all this sensitive information, including passwords, is collected by Aurora, it is stored in JSON format, compressed using GZIP, converted to Base64 encoding, and then sent to a command-and-control (C&C) server controlled by the hackers behind this campaign.
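For defenders, the JSON, GZIP, Base64 layering described above leaves a recognisable marker in captured traffic: the GZIP magic bytes always encode to the Base64 prefix "H4sI". The Python sketch below is an added example, not code from Cyble or the original article; it peels the layers off captured request bodies for triage, and the sample bodies and field names are constructed, not Aurora's real schema.

```python
import base64
import gzip
import io
import json
import zlib

# Base64 of the GZIP magic bytes 1f 8b 08 always begins with "H4sI".
GZIP_B64_PREFIX = "H4sI"
MAX_DECOMPRESSED = 10 * 1024 * 1024  # cap output to resist decompression bombs


def decode_layered_blob(blob):
    """Return parsed JSON if blob is Base64(GZIP(JSON)), otherwise None."""
    blob = blob.strip()
    if not blob.startswith(GZIP_B64_PREFIX):
        return None
    try:
        raw = base64.b64decode(blob, validate=True)
        with gzip.GzipFile(fileobj=io.BytesIO(raw)) as fh:
            data = fh.read(MAX_DECOMPRESSED + 1)
        if len(data) > MAX_DECOMPRESSED:
            return None
        return json.loads(data.decode("utf-8"))
    except (ValueError, OSError, EOFError, zlib.error):
        # Bad Base64, bad or truncated GZIP stream, or not JSON.
        return None


def triage(bodies):
    """Return (index, top-level JSON keys) for each body that decodes."""
    hits = []
    for i, body in enumerate(bodies):
        doc = decode_layered_blob(body)
        if doc is not None:
            keys = sorted(doc) if isinstance(doc, dict) else []
            hits.append((i, keys))
    return hits


def make_sample(obj):
    """Build a constructed test body with the same three layers."""
    return base64.b64encode(gzip.compress(json.dumps(obj).encode())).decode()


# Constructed sample bodies; field names are placeholders.
SAMPLE_BODIES = [
    "user=alice&action=login",
    make_sample({"host": "LAB-PC-01", "items": ["placeholder"]}),
    "H4sIAAAA-not-really-gzip",
]

if __name__ == "__main__":
    print(triage(SAMPLE_BODIES))
```

The "H4sI" prefix also matches legitimate compressed uploads, so a hit is a reason to inspect the decoded keys and the destination, not a verdict on its own.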

With users' cookies, browsing history, login data, and web data in hand, attackers can commit fraud, drain funds from users' bank accounts, or even steal personal information. The consequences of downloading a fake app that is actually malware may not be apparent at first, which can make matters worse because infected users may carry on as normal. All the while, hackers continue to collect sensitive and personal data from infected PCs.

Unprotected users tend to arrive at such phishing sites by clicking on fake ads that appear frequently in search engines. Therefore, installing good ad-blocking software can prevent ads from appearing. In fact, the FBI also recommends the use of ad blockers.

At the same time, be very careful when downloading new software, whether on a smartphone or a PC. Before clicking on a download, one should always make sure that it is the official website of the company. This is because hackers have spoofed popular applications such as GIMP and Notepad++ in the past and will likely do so in the future.

While you should use antivirus software on your PC and the best Android antivirus apps on your Android smartphone, you should also consider upgrading to the best Internet security suites. These premium packages not only provide antivirus protection, they often include password managers, VPNs and firewalls to keep you better protected from all manner of online threats.

Fake app downloads have been quite successful for hackers and other cybercriminals. Therefore, they will continue to use such tactics to infect unsuspecting users with malware.
