This shocking malware livestreams your computer screen
Malware turns victims into unwitting streamers
Cybersecurity researchers have spotted an innovative new malware that uses a popular live-streaming app to record and broadcast the screen of its victims to the threat attackers.
Spotted by Trend Micro, the remote access trojan (RAT) named BIOPASS, piggybacks inside installers for Adobe Flash Player and Microsoft Silverlight, both of which have been deprecated by their respective developers.
In its detailed examination of the BIOPASS RAT, Trend Micro notes that the malicious Flash and Silverlight installers in fact load the “sophisticated” RAT that’s implemented as Python scripts.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
- Protect your devices with these best antivirus software
- These are the best malware removal software on the market
- Here are the best ransomware protection tools
“What makes BIOPASS RAT particularly interesting is that it can sniff its victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio, a popular live streaming and video recording app, to establish live streaming to a cloud service via Real-Time Messaging Protocol (RTMP),” shares Trend Micro.
Inside job?
Trend Micro spotted BIOPASS in recent attacks, in what is known as a watering hole attack, against online gambling companies in China.
Although Trend Micro isn’t sure about the identity of the threat actors behind the RAT, it has found several pieces of evidence during its investigations to suggest that the malware could’ve been engineered by Chinese state-sponsored actors known as Winnti or APT41.
While state-sponsored threat actors are usually tasked to launch attacks across their borders, interestingly, Trend Micro notes that BIOPASS has several features that indicate that it is designed to target and steal the victim’s private information primarily from the web browsers and instant messengers that are popularly used in China.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
- We've put together a list of the best endpoint protection software
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.