
Beware of fake antivirus sites spreading dangerous malware

Be careful when choosing antivirus software
Images source: © Pixabay
Oskar Ziomek

26 May 2024 07:24

When downloading antivirus software, it is crucial to make sure it comes from a trusted source. Fake websites exist that offer tampered versions of software such as Avast, Bitdefender, and Malwarebytes. Downloading such a program infects the computer.

Details can be read in a post by Trellix, highlighted by The Hacker News. Experts point out three fake websites offering tampered versions of Avast antivirus for Android (as an APK file), Bitdefender for computers (as a ZIP package), and the Malwarebytes application (as a RAR archive).

In each case, users who choose to install the software actually infect their device. One of many malicious programs then infiltrates the system, most often an infostealer, cryptocurrency miner, or remote access trojan. Depending on the situation, the downloaded malware can read keystrokes and SMS content, steal login data for various services, or record the screen, all without the user's awareness.

A fake page strikingly similar to the authentic Avast website © The Hacker News

In the cases mentioned, the fake websites used to distribute the infected versions of the software are:

  • avast-securedownload[.]com
  • bitdefender-app[.]com
  • malwarebytes[.]pro

As always, in such cases, we remind you to ensure the source is trustworthy before downloading any software. A fake site can typically be recognized by its URL, which may contain typos or names that are unrelated to the producer's authentic website.
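The URL check described above can be automated for a download link before it is followed. The sketch below is an added example, not code from Trellix or The Hacker News; the allowlist of official vendor domains and the typo tolerance are assumptions, and the defanged inputs are parsed only as text.

```python
import re
from urllib.parse import urlsplit

# Assumption (not from the article): each vendor's official registrable domain.
OFFICIAL = {
    "avast": "avast.com",
    "bitdefender": "bitdefender.com",
    "malwarebytes": "malwarebytes.com",
}

def host_of(url):
    """Return the lowercase hostname of a URL or bare, possibly defanged, domain."""
    url = url.strip().replace("[.]", ".")
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare domain as the host part
    return (urlsplit(url).hostname or "").rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, used to catch typo variants of a brand name."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return (verdict, brand): 'official', 'lookalike' or 'unknown'."""
    host = host_of(url)
    for brand, domain in OFFICIAL.items():
        if host == domain or host.endswith("." + domain):
            return ("official", brand)
    labels = [t for t in re.split(r"[.-]", host) if t]
    for brand in OFFICIAL:
        limit = 1 if len(brand) <= 6 else 2  # assumed typo tolerance
        if any(brand in t or edit_distance(t, brand) <= limit for t in labels):
            return ("lookalike", brand)
    return ("unknown", None)

if __name__ == "__main__":
    # The first three inputs are the domains listed in the article; the rest are constructed.
    for s in ["avast-securedownload[.]com", "bitdefender-app[.]com", "malwarebytes[.]pro",
              "https://www.avast.com/download", "bitdefnder.example", "example.org"]:
        print(s, classify(s))
```

A "lookalike" verdict means a brand name, or a near-miss spelling of it, appears in a hostname that is not under the vendor's own domain; "unknown" only means no listed brand was found, not that the site is safe.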

However, it must be remembered that fake software can reach a computer or smartphone in many ways. Another equally popular method is phishing: fake attachments in emails, or links in such messages that lead to tampered websites and counterfeit software versions.