Gatak Trojan delivered through fake software offers

The five-year-old Gatak Trojan (Trojan.Gatak) is being distributed through offers of pirated software that lure its victims. The malware is spread through online adverts offering pirated software keys that, if legitimate, could allow use of premium software at a discount.

Once the ad is clicked, a fake keygen page launches and Gatak is simultaneously delivered to the victim. Much is known about the Gatak Trojan, but how the developers profit from the malware is still unclear. One theory is that the malware is used to exfiltrate data, which is then sold on the dark web.

Some of the premium software for which victims are offered keys:

  • SketchList3D (woodworking design software)
  • Native Instruments Drumlab (sound engineering software)
  • BobCAD-CAM (metalworking/manufacturing software)
  • BarTender Enterprise Automation (label and barcode creation software)
  • HDClone (hard disk cloning utility)
  • Siemens SIMATIC STEP 7 (industrial automation software)
