This is not the first time that we have been warned to be careful before downloading.
WinRar and Truecrypt installers are being used by several websites to distribute malware infected files.
Kaspersky Lab has reported that a new malware dubbed as StrongPity is being bundled with WinRar and Truecrypt installers and it executes once it has been ran.
Posing as a legitimate installer, it is done by manipulating the domain name. It allows it to get linked to the sites that that distribute the original files. However, by clicking the download link, it piggybacks and downloads the malware file. As malware goes, once it is in, it takes control of the entire system.
The malware, according to Kaspersky Lab, has hit various countries in the European Region including countries like Italy, Belgium and Turkey. The Middle East and Africa have also fallen prey to StrongPity.
Kaspersky researchers also revealed that fortunately for WinRar distributors, the malware has been removed. It was supposedly linked to their sites through fake installers.
However, one of the TrueCrypt distributors’ websites was still dropping the malware on victim’s devices. Although TrueCrypt’s development has long been halted since 2008 as Microsoft integrated support for encrypted virtual disks in its newer version of Windows following XP, the tool is still required to transfer the files from TrueCrypt to BitLocker format. The malware, through the distributor’s site, has made its way to Turkey affecting a considerable amount of users
