Compromising operating systems through fake software updates

David Artykov, published in Purple Team, Apr 16, 2021 (6 min read)

https://isc.sans.edu/

As computer users become more virus-aware, malware authors are increasingly attempting to dupe them into downloading malicious software by disguising it as a legitimate software update. Most users know that keeping applications up to date is important in order to avoid becoming a victim of malware, and that habit is exactly what this technique exploits.

The "Evilgrade" framework is used in security audits of operating systems to recreate a Man-in-the-Middle (MITM) attack against software update mechanisms. The attack works in situations where the attacker already has DNS access and spoofing capability. Evilgrade uses poorly implemented application update routines as its attack vector. Some of the common applications supported by Evilgrade include Notepad++, CCleaner, TeamViewer, VirtualBox, FileZilla, Skype, and VMware. When the user opens one of these insecurely updated applications, Evilgrade delivers a (counterfeit) update message to the client through the MITM position. The message carries a payload that provides remote access to the target system. If the user installs the update, a backdoor is downloaded onto the target system that can then be abused remotely through tools such as Metasploit.
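The precondition described above is a spoofed DNS answer that sends an application's update check to the attacker's host. As an added example from the defender's side (not code from the article or from the Evilgrade project), the script below runs over constructed resolver log lines and flags any answer for a monitored update host that falls outside the vendor's pinned address ranges; the log format, host names and ranges are hypothetical.

```python
import ipaddress
import re
from typing import Dict, List

# Constructed resolver log lines (not from the article). Each records the update
# host an application looked up and the address the local resolver returned.
SAMPLE_DNS_LOG = """\
2021-04-16T10:00:01Z client=10.0.0.21 qname=updates.example-app.test answer=198.51.100.10
2021-04-16T10:00:02Z client=10.0.0.21 qname=updates.example-app.test answer=198.51.100.11
2021-04-16T10:05:17Z client=10.0.0.34 qname=update.example-tool.test answer=10.0.0.99
2021-04-16T10:06:40Z client=10.0.0.34 qname=www.unrelated.test answer=10.0.0.99
"""

# Hypothetical allow-list of each vendor's real update CIDRs, maintained from
# out-of-band sources (vendor documentation, lookups from a trusted network).
PINNED_UPDATE_RANGES: Dict[str, List[str]] = {
    "updates.example-app.test": ["198.51.100.0/24"],
    "update.example-tool.test": ["203.0.113.0/24"],
}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) qname=(?P<qname>\S+) answer=(?P<answer>\S+)$"
)


def find_spoofed_update_answers(log_text: str, pinned=PINNED_UPDATE_RANGES) -> List[dict]:
    """Return one alert per DNS answer for a pinned update host that lies
    outside the vendor's known ranges: the spoofed answer a fake-update MITM
    relies on to redirect the client's update check."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than crash the collector
        qname = m["qname"].lower().rstrip(".")
        if qname not in pinned:
            continue  # not an update host we monitor
        answer = ipaddress.ip_address(m["answer"])
        expected = [ipaddress.ip_network(n) for n in pinned[qname]]
        if not any(answer in net for net in expected):
            alerts.append({"ts": m["ts"], "client": m["client"],
                           "qname": qname, "answer": str(answer)})
    return alerts


if __name__ == "__main__":
    for a in find_spoofed_update_answers(SAMPLE_DNS_LOG):
        print(f"{a['ts']} {a['client']} {a['qname']} -> {a['answer']} (outside pinned range)")
```

An answer pointing an update host at an internal or otherwise unexpected address is a strong signal to pull the client's update download for inspection; the durable fix is still vendor-signed updates verified before installation.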

Download Evilgrade with the "git clone" command from the following GitHub repository: https://github.com/infobyte/evilgrade.git
