A new security alert on Raum malware warns of: “… a special tool used by cybercriminals to distribute malware by packaging it with the most popular torrent files on the Internet. The bad actors have analyzed trends on video, audio, software and other digital content downloads from around the globe and have created seeds on famous torrent trackers using weaponized torrents packaged with malicious code. The so-called ‘RAUM’ tool has been actively used on uncovered underground affiliate networks based on a ‘Pay-Per-Install’ model (PPI). This model leverages paying cybercriminals to distribute malware through modified torrent files that are joined with malware.” Bert Rankin, CMO at Lastline, commented below.
Bert Rankin, CMO at Lastline:
“This is exactly the type of pernicious, evasive malware that cross-contaminates enterprise organizations. It bypasses firewalls and perimeter defenses, entering via BYOD and corporate assets used offline (off of the corporate domain) for downloading, etc.; unfortunately, completely blocking all software downloads on corporate assets is no longer pragmatic for many companies. It underscores that organizational security defenses must include the ability to identify malware by the behaviors it exhibits within the network and at endpoints. Signature solutions are wholly insufficient.”