The Hidden Threat of the SoundCloud Malware

‍In the ever-evolving world of cyber crime, surgiu uma nova ameaça que tem como alvo os usuários da popular plataforma de streaming de música, SoundCloud. The so-called “SoundCloud Virus” is a sophisticated piece of malware that leverages hijacked SoundCloud accounts to spread malwares and adware applications. This article delves into the nature of this threat, its distribution methods, and steps to combat it.

The Anatomy of SoundCloud Malware

The “SoundCloud Virus” is a term coined to describe a type of malware that takes advantage of SoundCloud, a widely-used music streaming platform. Cyber criminals hack into genuine SoundCloud accounts and use them to promote malicious links to sites that host harmful programs. Examples of these include PrivateLoader, a Windows backdoor/loader-type malware, and MobiDash, an adware application that targets Android devices.

Resumo da ameaça:
Nome: SoundCloud Malware
Tipo de ameaça: Trojan, Password-stealing Virus, Banking Malware, spyware
Payload: PrivateLoader, MobiDash
Sintomas: Often no noticeable symptoms. The malware operates in stealth mode.
Métodos de distribuição: Malicious links in SoundCloud track descriptions, Engenharia social

Unpacking the “SoundCloud Virus”

Known compromised SoundCloud accounts number in the hundreds, each one a legitimate account likely procured via credential-stealing malware or phishing scams. The music tracks from these accounts contain a voice-generated message leading listeners to a link in the description. This link, usually a shortened URL, leads victims to harmful download webpages.

The malicious payload is downloaded from these pages. If the user’s device is identified as a Windows system, the payload arrives as a password-protected archive containing the PrivateLoader malware. This type of malware is designed to cause chain infections, meaning it downloads and installs additional harmful programs or components.

PrivateLoader is known to distribute several types of malware including Amadey, Fabookie, G-Cleaner, RedLine, SmokeLoader, and Vidar. These malicious programs primarily function as loaders/backdoors and data stealers.

The “SoundCloud Virus” also targets Android devices, in this case distributing the MobiDash adware. Adware is designed to generate revenue for its developers by displaying intrusive advertisements. It can also redirect users to deceptive or dangerous sites, and in the case of more advanced versions, collect sensitive information, subscribe users to premium services, or engage in other harmful activities.

Em resumo, high-risk malware like those promoted by the “SoundCloud Virus” can lead to numerous system infections, diminished system performance, perda de dados, graves problemas de privacidade, perdas financeiras substanciais, e roubo de identidade.

If your device is suspected to be infected, it’s recommended to run a complete system scan using an anti-virus tool and remove all detected threats immediately.

Parallel Threats in the Digital Landscape

Cyber criminals often exploit the names, designs, and graphics of legitimate products and services to deliver harmful content. Some examples include ChatGPT (chatbot), AnyDesk (remote access tool), Dropbox Update Setup (cloud storage and file sharing service), Telegrama (instant messaging software), Ampliação (telecommunications service), Avg Antivirus, Google Translate, Ads Blocker (Android), e muitos mais.

The Infiltration Tactics of the “SoundCloud Virus”

Como mencionado anteriormente, the “SoundCloud Virus” primarily spreads through compromised SoundCloud accounts. The victim is prompted to follow a link in the description of a music track uploaded to the hijacked account. This link, a shortened URL, redirects to a harmful webpage where the victim downloads the payload, hosted on a compromised WordPress site.

The payload arrives as a password-protected archive which, upon opening, triggers the malware download and installation process. No entanto, it’s important to note that other distribution methods may be employed to spread malicious software disguised as SoundCloud-related content.

Malware is often spread through phishing tactics and social engineering. It can infiltrate systems as executables (.Exe, .correr), documentos (PDF, Microsoft Office, Microsoft OneNote, etc.), JavaScript, e mais. When an infected file is executed or opened, it initiates the infection chain.

Other common distribution channels include online scams, malicious attachments in spam emails/messages, stealthy downloads, dubious download sources (v.g., freeware and third-party websites, Peer-to-Peer sharing networks), illegal software activation tools ("rachaduras"), and fake updates.

Além disso, some malware can spread through local networks and removable storage devices (v.g., external hard drives, USB flash drives).

Tips to Prevent Malware Installation

Practicing caution while browsing is crucial as deceptive and harmful online content often appears genuine. Be careful with incoming emails and messages, and avoid opening attachments or links from suspicious or irrelevant sources as they can lead to infection.

Download only from official and verified sources. Activate and update all programs using legitimate functions/tools, as third-party options can contain malware. A reliable anti-virus tool should be installed and updated regularly. Use it to perform regular system scans and remove threats/issues. Se você suspeitar que seu computador está infectado, recomendamos executar uma varredura com SpyHunter to remove infiltrated malware automatically.

Tente o SpyHunter

SpyHunter é uma ferramenta poderosa que é capaz de manter seu Windows limpo. Ele procuraria e excluiria automaticamente todos os elementos relacionados a malware. Não é apenas a maneira mais fácil de eliminar malware, mas também a mais segura e segura. A versão completa do SpyHunter custa $42 (você começa com 6 meses de subscrição). Ao clicar no botão, você concorda com EULA e Política de Privacidade. O download começará automaticamente.

Baixar SpyHunter

para Windows

Experimente o SpyHunter para Mac

SpyHunter para Mac remove totalmente todas as instâncias dos vírus mais recentes do Mac / MacBook e Safari. Além disso, é mais eficaz e pode ajudar a otimizar o MacOS e liberar espaço no disco. Compatível com todas as versões do MacOS. A versão gratuita do SpyHunter para Mac permite que você, sujeita a um período de espera de 48 horas, uma correção e remoção para resultados encontrados. A versão completa do SpyHunter custa $42 (você começa com 6 meses de subscrição). Ao clicar no botão, você concorda com EULA e Política de Privacidade. O download começará automaticamente.

Baixe SpyHunter para Mac

versões MacOS

 

Manual Malware Removal

Manual malware removal can be a complex task. It’s usually best to rely on anti-virus or anti-malware programs to handle this. No entanto, if you wish to attempt manual removal, the following steps may guide you. Be aware that this method requires advanced IT skills and may not work against advanced malware infections. Como sempre, prevention is better than cure.

Passo 1: Identify Suspicious Programs

The first step is to identify the name of the malware you’re trying to remove. Por exemplo, you might find a suspicious program running on your computer using task manager.

Passo 2: Baixar execuções automáticas

The next step is to download a program called Execuções automáticas. This program shows auto-start applications, Registro, e locais do sistema de arquivos.

Passo 3: Reinicie no modo de segurança

Reinicie o seu computador no modo de segurança. This process varies depending on your operating system, but generally involves restarting your computer and pressing the F8 key during startup to access the Safe Mode option.

Passo 4: Executar execuções automáticas

Extract the downloaded archive and run the Autoruns.exe file. No aplicativo Autoruns, click “Options”, uncheck “Hide Empty Locations” and “Hide Windows Entries”, em seguida, clique no ícone “Atualizar”.

Passo 5: Locate and Delete the Malware

Check the list provided by Autoruns and locate the malware file you want to remove. Take note of its full path and name. Some malware may hide under legitimate Windows process names, so be careful to avoid removing system files. Once you find the suspicious program, right-click on its name and choose “Delete”.

Depois de remover o malware através do Autoruns (which prevents the malware from running automatically on the next system startup), search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. Se você encontrar o arquivo, remova.

Reinicie o seu computador no modo normal. Following these steps should remove any malware from your computer. To ensure your computer is free of malware infections, we recommend scanning it with SpyHunter.

perguntas frequentes

Q: My computer is infected with the “SoundCloud Virus”. Should I format my storage device to get rid of it?

A: Most malicious programs can be removed without resorting to formatting.

Q: What are the biggest issues that the “SoundCloud Virus” can cause?

A: The threats posed by an infection depend on the malware’s abilities and the cyber criminals’ goals. Geralmente, high-risk malware can cause multiple system infections, diminished system performance, perda de dados, sérios problemas de privacidade, perdas financeiras, e roubo de identidade.

Q: What is the purpose of the “SoundCloud Virus”?

A: Na maioria dos casos, malware is used for profit. No entanto, cyber criminals can also use malicious software for amusement, personal vendettas, disruption of critical processes, and even politically motivated attacks.

Q: How did the “SoundCloud Virus” infiltrate my computer?

A: The malware associated with the “SoundCloud Virus” is promoted via compromised SoundCloud accounts. No entanto, other methods could be used to proliferate malware disguised as SoundCloud-related content, como downloads drive-by, golpes on-line, spam mail, dubious download channels, illegal program activation tools ("rachaduras"), atualizações falsas, and malvertising.

 

Deixe uma resposta

seu endereço de e-mail não será publicado. Os campos obrigatórios estão marcados *