Installing a VPN is something that has become very common among users. We have at our disposal many options for all types of operating systems and devices. The problem is that some options can be unsafe and pose a serious problem. In this article we echo a backdoor that affects Windows and disguises itself as a VPN .
A backdoor is hidden like a VPN
This problem has been detected by security researchers at Trend Micro . It is a package that pretends to be a VPN from Windscribe, but it is actually a Trojan. Inside contains the Bladabindi back door.
This back door could jeopardize the safety of our equipment . Specifically, it would have the ability to execute a user’s commands maliciously and remotely, which would allow the downloading of files, editing, execution, etc.
It would also have the ability to record keystrokes . A way to steal passwords from victims. It also has the ability to take screenshots of the user to collect all kinds of information and data.
This backdoor masquerading as a VPN could collect information from your computer. For example, the operating system, the username, the computer … Also know what security tools are running and possible passwords stored in the browsers.
No warning sign
But without a doubt the main problem with all this is that users, at least first, would not notice anything. That is, once you download and install this VPN that comes with a back door , the operation would be correct. They would not notice any problems with the equipment, such as slowdowns or failures.
This application comes in a pack with three files . One of them is the legitimate installer, another is the malicious file called lscm.exe (which contains the back door) and the application that runs that malicious file (win.vbs).
During the installation process, the user sees the screen for legitimate VPN activity. However, it hides the execution of the malware in the background , as indicated by security researchers. The victim therefore does not realize this detail.
This technique is becoming quite popular in both desktop and mobile applications. Basically what it does is combine a legitimate program with malicious software . In this way, the victim installs a fully functional program that will not make him suspicious, but also has malware incorporated.
This makes common sense more important than ever. We must not make mistakes that could compromise our security and privacy. We always need to download programs from official sources, that are legitimate and do not give rise to possible problems.
In the same way, it will be essential to always have security tools . A good antivirus can prevent the entry of threats that affect us. Also the fact of having the equipment updated is vital. Sometimes vulnerabilities emerge that can be exploited by hackers.
