The creator of Antivirus Eset reported the spread of GoBotKR malware, which attacks users of torrent sites. This virus is a modified version of GoBot2, the source code of which is available from March 2017. This is how it's malware attack: A user downloads a torrent file of a movie or a series, after which he sees a set of intuitive programs and extensions, including files with PMA extensions (installer for codecs), MP4 and LNK.
OnePlus fixes 6/ 6T Fixes Quick Ripple Issue In Latest Beta Version
Malware is launched after clicking on the LNK file. After you install GoBotKR, the system begins collecting information: network configuration, operating systems, processors, and data on the installed anti-virus program. This information is sent to the command C&C server located in South Korea.
Specifications of Huawei's new phone leaked, read on
List of commands that can perform a backdoor, distribute torrents via BitTorrent and uTorrent, organize DDoS attacks, change the desktop background, copy viruses to cloud storage folders (Dropbox, OneDrive, Google Drive or Removable Media, a Launch proxy includes HTTP server, change firewall settings, enable or disable Task Manager.
According to experts Assets, the main purpose of the attackers is to unite infected computers into a botnet to carry out DDOS attacks.
