When you’re on a tight budget, it’s tempting to want to find a free version of the software you need. But it’s long been known that using pirated versions of popular software can put your computer at risk of getting malware. The discovery of a new “cryptojacking” virus is a good reminder that you should stick with using properly licensed software.

How do attackers make pirated versions of popular software?

Most legitimate desktop software that isn’t free (including paid versions of freemium software) uses some form of “rights management” to detect whether you have paid for the full product or not. This ability to control access can involve very complex methods, including the use of digital signatures.

However, digital rights management or DRM has technical limitations just like any other security feature. So, attackers wanting to make money from “cracking” these restrictions spend a lot of time and money figuring out those limitations. Once they do, they can create a “free” version, and then add their own “package” to it, which can be effectively “invisible” when installed by a victim.

 

supply chain factory

The latest threat from pirated software

Once you install pirated software on your computer, it will begin to look for ways to “turn off” your current anti-malware software, so it can do more devious things. The challenge of turning off security software is often as complicated as cracking the DRM licensing restrictions, but it is possible. If the attacker can turn off the security software on your system, then they can install other dangerous “packages” such as keyloggers or “rootkits”, which can take full control of your computer without you even knowing it.

Now, there is a “cryptominer” called “Crackonosh”, which is designed to turn your extra computing power into cryptomining software that creates currency for the attacker (using your CPU and memory capacity). So far, it’s reported that over $2 million worth of Moneris cryptocoin currency has been mined through this kind of attack, victimizing users of “cracked” software.

Avoid using “cracked” versions of software  to reduce risks from malware and cryptojacking

Never download and install software that you know is intentionally bypassing licensing restrictions, just so you can save money. In the end, you’ll likely get an immediate malware infection, plus your security software will likely be disabled, putting you at risk from other kinds of infections and attacks.

Security software has its limitations. So, it’s important to use caution and use legitimate software at all times.

If your team could use some new, engaging security awareness training and practice, you may be interested in checking out Click Armor’s gamified security awareness platform. It can provide immediate, measurable impacts on employee proficiency, and improve security culture.

Contact us to learn more.

 

Photo by Art Rachen on Unsplash

Cyber Security

Phishing Defense

Phishing threatens businesses and opens the door to ransomware. Fight phishing and spear phishing attacks with gamified learning.

Social Engineering Defense

Social engineering scams are a serious hazard to businesses. Fight back with Click Armor.

Cyber Security Awareness for Remote Workers

Home-based workers are vulnerable to cyber attacks. Build team immunity today.

Privacy and Compliance

PCI Compliance Awareness

When team members work in an environment where they may encounter cardholder data, they need to know what to do to protect it.

Gamified HIPAA Compliance Awareness

If your business is a supplier to a healthcare provider in the USA or Canada, your team needs to know what to do to protect Protected Health information (PHI).

Gamified Learning Platform

Active Awareness Platform

Experience the power of tailored gamified learning with Click Armor. Take your security awareness training to the next level.