- There’s a fake
Amnesty International website created to offer protection against thePegasus spyware . - The anti-virus tool actually installs malware on the victim’s device.
- The website and the anti-virus tool look quite legitimate which might fool quite a lot of people.
This malware called ‘Sarwent’ isn’t very popular but it can be potentially harmful as it can activate remote desktop protocol on the victim’s device, security researchers from Talos Intelligence said in a blog post. If Sarwent is installed then hackers can gain remote access to the device and infiltrate any kind of data from it.
Hackers put in quite a lot of effort in replicating Amnesty International’s website but the giveaway is that the original site has a white background but the fake one has a transparent background. Talos found that this site has a full-page promotion of the anti-virus software called “AVPegasus”. Hackers offer a demo version of the “Amnesty Pegasus” software that users can download. The design of the anti-virus software also looks very legitimate and can easily fool one into thinking that it’s real. There’s a “Pegasus Scan” tool that scans and looks out for spyware, and other options like system junk, malware removal, maintenance and optimisation.
Talos found that the campaign for this malware is widespread but has a low-volume in comparison to other large-scale campaigns. The countries affected include the US, the UK, Russia, India, Ukraine, Czech Republic, Romania and Colombia but there haven’t been any malicious advertisements or phishing campaigns to promote the malware. The security firm is also not certain whether this is just the work of a financially motivated hacker or something bigger with a government possibly involved.
SEE ALSO:
How Google is using AI to improve search, videos and more with a focus on visuals
Realme Narzo 50A review: Camera upgrades, rest remains the same