Several months ago I wrote a blog post about an adware downloader which, after execution, downloaded a few adware programs and installed them on the computer, giving the user no chance to skip or bypass their installation. This time, we will analyze an application that installs similar types of adware programs on user computers.
We received a file which appeared to be a crack of Pinnacle Studio HD Ultimate. After displaying the initial splash screen, it prompts the user to install Pinnacle Pixie Activation 500. After confirmation, the crack is installed, but in addition to the crack, other programs and toolbars unexpectedly appear on the compromised computer. Pinnacle was not the only target of this kind of attack. Cracks for programs like Sims, Nero, Rosetta Stone, and Pro Evolution Soccer 2013 were also used in distribution.
Bad Piggies, the spin-off game to Rovio’s wildly popular Angry Birds, hit the online stores last week, and following in its sizable wake were fake versions designed to install an aggressive adware program into Chrome browsers. Reportedly, over 83,000 Google Chrome users have been infected.
Cybercrooks found a niche because Bad Piggies is only available for Android devices on Google Play (free) or Apple devices ($0.99 for iPhone and $2.99 for iPad) on iTunes. Free versions of Bad Piggies that claimed to be from the creators of Angry Birds appeared on the Chrome web store shortly after the release. The top 3 listed are called Bad Piggies, but they are from different companies: padeba, gametc.com, and the HD version from HitsGames. They have over 13,000 downloads.
Reviews of the games reveal the anger and disappointment of Rovio fans.