Criminals are using names of popular social meeting apps to distribute cyberthreats: Kaspersky

With the rise of social distancing people have been counting on social meeting apps extensively to keep in touch with both colleagues and friends, family. Cyber security experts from Kaspersky have been investigating the threat landscape for social meeting applications to make sure users are safe and their communication experience is enjoyable.

However, subsequent analysis has detected around 1,300 files that have names similar to prominent applications like Zoom, Webex and Slack which online scammers and hackers are using to distribute various cyberthreats.

Amid those 1,300 files, 200 threats were detected and the most prevalent were two adware families - DealPly and DownloadSponsor. Both families are installers that show ads or download adware modules. Such software typically appears on users' devices once they are downloaded from unofficial marketplaces.

Apart from adware, in a few cases Kaspersky experts found threats disguised as .lnk files -shortcuts to applications. In fact, according to the Kaspersky report, the vast majority of them were detected as Exploit.Win32.CVE-2010-2568 - a quite old, yet still widespread malicious code that allows the attackers to infect some computers with additional malware.

The real "king" of social meeting applications in terms of the one whose name is most used by criminals to try to distribute cyber threats is Skype. Kaspersky experts were able to find 120,000 various suspicious files that use the name of this application. Moreover, unlike the names of other apps, this particular name is used to distribute not only adware, but also various malware — particularly Trojans.