Social engineering is one of the fastest-growing methods for hackers to gain access to networks for malicious purposes. Essentially, it means deceiving or manipulating someone into providing information that allows a bad actor to steal information or money or gain access to sensitive computer networks.
Although phishing is one of the most common forms of social engineering, hackers use other techniques, too, including preying on users’ web activity via drive-by downloads. You must watch out for this malware campaign or risk inadvertently downloading malware that leads to a significant data breach or other losses.
Understanding the FakeBat Loader Malware Campaign
Over the first part of 2024, cybercriminals increasingly chose drive-by-downloads to spread harmful malware. The most common tactic is a legitimate-appearing landing page that impersonates real software that prompts you to download a software update. For example, you might visit a page that delivers an error message claiming there’s a problem displaying the web page and provides a link or redirect to download an update to “fix” the problem that’s malicious software.
Other tactics to get you to download the malware include using social networks and malvertising.
Where FakeBat Fits In
In 2024, the most common malicious software downloads utilize the FakeBat Loader. FakeBat is a service for hackers who want to design and deliver malware via this approach. Loaded with anti-detection features that allow criminals to circumvent common security features, like antivirus software and Windows Defender, FakeBat provides malware developers with the tools they need to trojanize legitimate software and monitor successful payload deliveries.
Cybercriminals can purchase the FakeBat tool for their malware campaigns weekly or monthly. Some of the programs that the malvertising campaigns targeted thus far include Google Chrome, Microsoft Teams, Inkscape, Zoom, 1Password, Anydesk, and Trello. Hackers can use the tool to deliver remote access trojans (RATS) that allow them to take over your device and information-stealing malware like BitRAT and Lumma Stealer.
Protecting Yourself Against the FakeBat Loader Threat
FakeBat makes it easy for bad actors to spread malicious software far and wide. Still, the fact that it’s currently the top cyberthreat doesn’t mean you must remain vulnerable to attacks.
The loader relies on sophisticated social engineering to trick users, creating similar language and imagery prompts. This underscores the need to check the authenticity of updates. Therefore, the first step to watch out for this malware campaign is to never download an update from any source other than the software developer; avoid downloading anything from landing pages or prompts that appear elsewhere.
This rapidly growing threat further illustrates the importance of using robust antivirus protection on all endpoints and keeping it updated. Whatever tool you select must be capable of detecting and blocking malicious files.
Business owners must provide ongoing, in-depth education to associates regarding phishing schemes, including drive-by downloads, so they can watch out for this malware campaign and avoid becoming a target.
