Although the applications that sell the broadband capacity we do not use are legal, hackers are taking advantage of these tools for their own benefit.
Just when we believe that cybercriminals have run out of ways to annoy us, they always manage to surprise us. For the worse, obviously (although there are other forces trying to fight them).
Although there are quite a few recommendations for preventing attacks and hacks, sometimes there is no way to escape hackers unscathed. The case we bring you today is an example of this endless imagination for doing harm.
Stealing our bandwidth and selling it. Yes, it sounds like a joke, but it is not: this is the latest practice that hackers have put in place.
According to a new investigation from Cisco's Talos intelligence group, threat actors have begun abusing internet-sharing applications, commonly known as proxyware, such as Honeygain or Nanowire.
Proxyware applications are legal tools that help users monetize unused bandwidth. The user installs an application that diverts excess bandwidth to a large network operated by an internet service provider.
The malware hijacks users' bandwidth in the same way that crypto-mining malware tries to monetize the unused CPUs of millions of users around the world.
According to investigators, hackers are releasing clients modified so that they do not send alerts to victims, in order to keep flying under the radar.
As these platforms have become more popular, hackers have started using trojanized installers, which install the client of the legitimate platform, following the same procedure that we already see in other, more common types of hacks.
This practice is now reaching its peak, as investigators have begun to see patched versions of the Honeygain client running mining programs alongside stealers of sensitive information. All to squeeze as much data from the victims as possible.
It is now up to antivirus software and firewalls to detect this type of malware, but the work is not going to be easy at all. Sadly, the most feasible option today is to do without these types of applications, at least until this harmful practice is stopped.