Fareit Malware Returns With A Vengeance

The malicious software named “Fareit” has returned, and with a vengeance.  Fareit malware focuses on breaching your computer’s security, in an effort to obtain critical login credentials.

The History of Fareit

This particular form of malware was discovered in 2012, but has continued morphing throughout the years in an attempt to bypass anti-virus protection.

Historically, Fareit focused on obtaining login credentials for website domains.  This could be user names and passwords for such things as banking and email accounts.  Roughly seven months ago, a new variant of Fareit was discovered.  Softopedia reported,

“Cisco’s Talos security team has stumbled upon a new version of this malware family that behaves like a chameleon, changing its file hash with each infection, even if the file name remains the same.”

Cisco reported this Fareit variant primarily targeted Firefox login credentials.  There was also concerns that this was being used as a pay-per-infection, meaning cyber criminals were paying other cyber criminals to distribute the malware.  The more infections a cyber criminal initiates, the more they’re paid.

Today’s Fareit

The most recent Fareit malware threat is being distributed via a phishing attack.  A phishing attack is an email with a malicious link or attachment, designed to make you click on those links/attachments.  This most recent phishing attack includes malicious executable disguised as a PDF attachment, which includes the malware.  Once the user downloads the “PDF”, their computer becomes infected and the malware scans for any credentials that may be of value.  This may range from banking information, various account login credentials, administrative credentials, etc.

This is not the first time Fareit has used phishing attacks to distribute their malware.  Months ago InfoSecurity confirmed Fareit was being distributed through falsified FedEx emails, which also included a PDF attachment.

Staying Protected

  1. Think before you click.  Are you expecting this email?  Do you know the sender?  Are the links going to a secure website (https://)?
  2. Update your operating system (OS) and programs.  Our computers typically do a decent job of letting us know when things need to be updated.  But are we doing it, or are we clicking on “Ignore” or “Remind Me Tomorrow”?  Understandably, it may be an inconvenience to update your PC right that second, but you need to make time to do it as soon as possible.  Program updates are not just about getting the latest and greatest features, but also used to patch any security gaps that were found in the previous version.  If you choose not to update, you could be leaving the door open to hackers.
  3. Use a security solution that uses application whitelisting in a real-time setting.  What the heck does that mean??  Using a whitelist to protect your computer will confirm any applications that attempt to execute have been tested and categorized as trusted.  For example, the most recent Fareit malware cannot execute on a computer using PC Matic’s security solution because the application whitelisting agent, SuperShield, would scan the disguised PDF in real-time and determine it has not been tested and proven trusted.  Therefore, it would block it from downloading.

 

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles