The apps that hackers supplant the most: dangerous even if you don’t believe it

Computer criminals and hackers use a whole series of techniques to try to place their malicious files trying to make sure that users do not notice them and that computer security and antivirus systems do not detect them either. For this reason, they constantly try to camouflage themselves as legitimate applications and programs.

VirusTotal, an online service that scans more than two million files and websites a day against more than seventy anti-virus scanners and domain block lists, has released a report providing insight into the various deception methods used in the campaigns. of malware, among which the techniques of impersonation of applications and websites stand out.

The apps that hackers supplant the most

The most supplanted applications

According to this cybersecurity website report, phishing attacks can direct users to download files from pages that appear to be part of familiar and trustworthy websites, but actually distribute Trojans designed to look like popular apps.

Aplicaciones suplantadas

According to the VirusTotal report , Skype (28%), Adobe Acrobat (11.2%) and VLC (17.6%) are the programs and applications that criminals most often impersonate to sneak malware into builds, according to data they cover the period between January 2021 and last July 2022. Others that are also frequently supplanted are 7Zip, Team Viewer, CCleaner, Microsoft Edge, Steam, Zoom and WhatsApp.

The report also looks at malicious installers that bundle malware with real installers for popular software, using stolen signing keys. VirusTotal names Google Chrome, Malwarebytes, Windows Update, Zoom, Brave, Firefox, ProtonVPN, and Telegram as popular apps that threat actors like to bundle with malware.

The websites through which the most hackers impersonate

Another segment of this report reviews the use of favicons to make websites look like the real thing and gain the trust of unsuspecting users by using copies of favicons to visually mimic legitimate applications.

Webs suplantadas

A is the little icon that appears at the top of a web browser when you visit a website, and according to VirusTotal, Whatsapp (23.5%), Instagram (22.5%), and Facebook (13%) favicons are the most used by malicious websites, which seem to have a particular fixation on Meta products.

Other websites that are usually supplanted are iCloud, Discord, Microsoft Office, Microsoft Outlook, Twitter, Steam and Netflix, which close this particular Top 10.