
Vigilante malware and you


Typically, malware is installed to steal passwords, serve ads, or encrypt your files for ransom. A new piece of malware turns that idea on its head: it goes after software pirates instead, and its features indicate that it was made specifically to target them.

Per Ars Technica:

Vigilante, as Sophos Labs Principal Researcher Andrew Brandt is calling the malware, gets installed when victims download and execute what they think is pirated software or games. Behind the scenes, the malware reports the file name that was executed to an attacker-controlled server, along with the IP address of the victims’ computers. As a finishing touch, Vigilante tries to modify the victims’ computers so they can no longer access and as many as 1,000 other pirate sites.

Malware has been in the news a lot lately: it was the cause behind the Colonial Pipeline shutdown and also affected the meat processing plant JBS. Those attacks resemble the standard operating process of malware, in that it encrypted the company's files and the attackers requested a ransom to release the unlock tool. Most end users who get malware find their computer constantly serving them ads and their searches redirected to serve even more ads in the search results.

Vigilante is different in that it also edits a file on the user's computer so that requests to the more common pirate sites are redirected in a loop that goes nowhere, leaving the pirate unable to reach those sites. One thing to note is that the infection does not have a way to reinstall itself, so once a user goes in and changes the edited file back, the infection goes away.
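To check a machine for this kind of edit, here is an added example (not code from Sophos, Ars Technica or this article) that audits a hosts file for site names redirected to the local machine and comments those lines out. It assumes the edited file is the system hosts file (on Windows, `C:\Windows\System32\drivers\etc\hosts`) and that blocked names are mapped to a loopback or all-zero address; the function names and the `.example` sample entries are constructed for illustration.

```python
import ipaddress

# Names that legitimately resolve to loopback on a clean system.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
               "ip6-loopback", "broadcasthost"}

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each active hosts entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(entry) < 2:
            continue                           # blank, comment-only or malformed
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue                           # first field is not an IP address
        yield line_no, addr, [h.lower() for h in entry[1:]]

def sinkholed_names(text):
    """Return (line_no, hostname) pairs that send a non-local name to this machine."""
    hits = []
    for line_no, addr, names in parse_hosts(text):
        if addr.is_loopback or addr.is_unspecified:   # 127.x.x.x, ::1, 0.0.0.0, ::
            hits += [(line_no, n) for n in names if n not in LOCAL_NAMES]
    return hits

def restore(text):
    """Return the hosts text with every flagged line commented out, not deleted."""
    flagged = {line_no for line_no, _ in sinkholed_names(text)}
    return "\n".join(("# disabled: " + line) if i in flagged else line
                     for i, line in enumerate(text.splitlines(), start=1))

# Constructed sample: the .example names stand in for the blocked sites.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
192.168.1.20    nas.home.example
127.0.0.1       tracker-one.example www.tracker-one.example
127.0.0.1 tracker-two.example   # appended without alignment
0.0.0.0         tracker-three.example
"""

if __name__ == "__main__":
    for line_no, name in sinkholed_names(SAMPLE):
        print(f"line {line_no}: {name} is redirected to the local machine")
```

Entries from a hosts-based ad blocker that the user installed on purpose look the same, so review the flagged names before writing the output of `restore()` back to disk.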

If you have recently been receiving errors in your software, it may be that this malware has infected you. It is always a good idea to ensure that you have a current backup of all of your important files, and that you use both a physical backup and a cloud-based one. If your computer does have issues, Mac or PC, bring it by and we will gladly take a look, or give us a call and we can answer any questions.

Parts of this article came from Ars Technica and SophosLabs.

Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in IT Support, IT Service, IT Security, Mac Repair, PC Repair, Virus Removal, and much more. Give us a call for remote support or drop in to drop off.
