Security Researchers Report Spike in FormBook Malware
- Security researchers from Deep Instinct have reported a spurt in FormBook and other trojan activity in recent times.
- The FormBook malware is being heavily distributed using file hosting website DropMyBin.
- The security researchers have suggested avoiding DropMyBin at all costs as it is home to a number of trojans and malware.
There has been a noticeable spike in FormBook infections in the recent past, and security researchers from Deep Instinct have traced it down to a new file-hosting service DropMyBin. FormBook is a popular malware that is used to steal private information from users like passwords and emails. Users are tricked into downloading infected documents that contain the malware and opening the infected files infects systems with malicious code.
The DropMyBin file hosting service is just over a week old, and it is masking its real-world location. FormBook, on the other hand, is not new with the malware being discovered for the first time in 2016. The malware was used to target defense and aerospace contractors in South Korea and the United States.
FormBook is not the only malware that is hosted on DropMyBin with a number of other malicious trojans being available that target a variety of platforms. Deep Instinct researchers believe that digging deeper could allow more malware to be identified.
The primary reason attackers are using DropMyBin to spread malware like FormBook is reliability. Unlike standard ethical file hosting platforms, DropMyBin does not actively remove malware from the website. It is essentially a platform that encourages malware. It disguises itself as a website that offers direct downloads. The website also claims to keep all files for at least thirty days and does not log user data in a bid to respect user privacy. These terms of use are likely to attract the average internet user, and people end up downloading infected files hosted on the platform. The security researchers from Deep Instinct have suggested avoiding DropMyBin completely to keep yourself safe unless the situation on the website changes.
What do you think about the rise in FormBook malware becoming relevant again because of DropMyBin? Let us know in the comments below. Don’t forget to like this story and subscribe to our socials on Facebook and Twitter.