Zoom users beware: new banking malware attacking the platform

New malware is now attacking Zoom users everywhere, and it aims to steal your private banking information through the popular video chatting app.

The malware was recently identified by experts at Cyble Research & Intelligence Labs. Now, they’re trying to warn those who use the app regularly to protect themselves.

What does this malware do?

Threat actors are actively spreading the malware known as IcedID through modified versions of the Zoom application. This has affected tons of businesses, as Zoom has grown immensely in popularity, especially among companies that transitioned to working from home at the start of the Covid-19 pandemic in 2020. The malware acts as a loader (a type of malware that is used to install other malware onto a computer): it steals private information from these companies and drops additional malware onto their employees’ computers.

This means that it is stealing sensitive information and also potentially installing other harmful software that can cause further damage. This can cause significant harm to the affected businesses, as they may lose valuable information and suffer from additional security breaches or system disruptions.

Aside from being a loader, IcedID can also download additional modules from the internet and deliver other malware families, making it very difficult for the user to get rid of the malware once it’s planted on a computer. Once downloaded, its primary purpose is to steal private banking credentials.

How does the malware spread?

The most common way IcedID has been spread among users is through spam emails, with the malware hidden in malicious Office files sent as email attachments. However, this time around these Zoom hackers tried a new technique that many were unprepared for.

They use a phishing website called explorezoom.com to deliver the malware. This is a fake website disguised as an official Zoom domain whose sole purpose is to deliver the IcedID malware. The page tells users that to use Zoom, they must download a file called ZoomInstallerFull.exe. The file will download the actual Zoom application to distract the user from realizing that IcedID malware is also being downloaded onto their device.
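As an added illustration (not part of the original article or Cyble's report), the Python sketch below shows how a defender could triage web-proxy logs for this delivery pattern: a Zoom-branded host or installer name served from a domain that is not Zoom's own. The allowlist of official domains, the log format and the sample log lines are assumptions constructed for the example.

```python
from urllib.parse import urlsplit

# Assumption: the domains Zoom itself serves downloads from; adjust for your environment.
OFFICIAL_ZOOM_DOMAINS = {"zoom.us", "zoom.com"}
BRAND = "zoom"
EXECUTABLE_EXTENSIONS = (".exe", ".msi", ".dmg", ".pkg")

def is_official(host):
    """True only for an official domain or a genuine subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_ZOOM_DOMAINS)

def classify(url):
    """Return 'official', 'lookalike' or 'unrelated' for a requested URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if is_official(host):
        return "official"
    # Brand name in the host (explorezoom.com, zoom.us.example.net) or a
    # Zoom-named installer served from an unrelated host.
    brand_in_host = BRAND in host
    brand_installer = BRAND in filename and filename.endswith(EXECUTABLE_EXTENSIONS)
    if brand_in_host or brand_installer:
        return "lookalike"
    return "unrelated"

def flag_lookalikes(log_lines):
    """Scan 'timestamp client url' lines and return (client, url) for suspicious requests."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        _, client, url = fields
        if classify(url) == "lookalike":
            hits.append((client, url))
    return hits

# Constructed sample proxy log (timestamps, client IPs and URL paths are made up).
SAMPLE_LOG = [
    "2023-01-05T09:12:01Z 10.0.0.21 https://zoom.us/client/latest/ZoomInstallerFull.exe",
    "2023-01-05T09:14:40Z 10.0.0.34 https://explorezoom.com/ZoomInstallerFull.exe",
    "2023-01-05T09:15:02Z 10.0.0.34 https://zoom.us.example.net/download/setup.exe",
    "2023-01-05T09:20:11Z 10.0.0.50 https://example.org/report.pdf",
]

if __name__ == "__main__":
    for client, url in flag_lookalikes(SAMPLE_LOG):
        print(f"ALERT {client} fetched {url}")
```

The substring match is deliberately broad, so it will also flag unrelated sites that happen to contain "zoom" in their name; treat hits as leads for review rather than verdicts.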

How can I protect myself from IcedID?

The best way to protect yourself from any type of malware is by installing quality antivirus protection on your device. You can install this on your phone, tablet, and laptop. It would be a good idea for you to suggest this to your company if you’re someone who works from home and uses a device provided by your employer.

Best Antivirus Protection

It’s critical that all of your devices are protected from ongoing threats online.

One of the top antivirus apps for both Android devices and iPhones is TotalAV. Their product is full of features to keep you safe from malware and protect you when browsing the internet, including ransomware protection, real-time antivirus protection, elimination of viruses and malware, a tool to free up your computer’s space, plus more. Limited-time deal for CyberGuy readers: $19 your first year (80% off). You can check out our review of other antivirus apps here: Best Antivirus Security Software and Apps to Protect You.

Have you or someone you know been attacked by this malware called IcedID? If so, we’d like to hear from you.

 
