Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan

Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. 

MalwareHunter, who discovered and shared this Pirate Chick with Bleeping Computer, analysed this sample and came to the conclusion that this is a Trojan that pretends to be a legitimate VPN software, but in the background downloads and installs a malware payload on a victim. 

Expert Comments: 

Paul Bischoff, Privacy Advocate at Comparitech.com: 

“The web is full of malicious and poorly-secured VPN apps that do the exact opposite of what users want: better security and privacy. I always caution people against using free VPNs with a rare few exceptions (my go-to free VPN recommendation is Windscribe). The fact that Pirate Chick advertises a three-month trial might make it seem more legitimate than a straight up free VPN, but according to this report, it’s one of the more insidious ones out there.    

This discovery begs the question: who out there still downloads adware bundles? It’s funny to think that there are people savvy enough to understand the need for a VPN but who don’t know how to spot a fake Adobe Flash update.” 

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.