Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojans tools like Remcos RAT.
“Among the software in question are various instruments for fine-tuning CPUs, graphic cards, and BIOS; PC hardware-monitoring tools; and some other apps,” cybersecurity vendor Doctor Web said in an analysis.
“Such installers are used as a decoy and contain not only the software potential victims are interested in, but also the trojan itself with all its components.”