• About
  • Privacy & Policy
  • Contact
TechGuide
  • Home
  • News
  • Computers
  • Applications
  • Security
No Result
View All Result
  • Home
  • News
  • Computers
  • Applications
  • Security
No Result
View All Result
Technology Guide
No Result
View All Result

These misspelled websites are spreading nasty malware — how to stay safe

admin by admin
Home Security
Share on FacebookShare on Twitter

Unlike with Word and other office software, your browser’s address bar doesn’t have a spell checker which is why look-alike domains are often used in phishing attacks and to spread malware.

Also known as typosquatting, this is an old tactic used by cybercriminals where they register domains that are similar to legitimate ones with the hope that potential victims misspell a website’s address and end up on a fake site instead.

As reported by BleepingComputer(opens in new tab), a new typosquatting campaign has been discovered in the wild which uses 200 fake domains impersonating 27 popular brands to trick users into downloading Android and Windows malware.

At first glance, many of these typosquatting domains seem quite convincing as the sites they point to are either clones of legitimate ones or use their logos and style. The domains in this particular campaign are close to the sites they’re impersonating with only a single letter in the wrong place or an extra “s” which can be easy for those not paying close attention to miss.

Using typosquatting to spread Android and Windows malware

This new typosquatting campaign was first discovered by the cybersecurity firm Cyble which published a blog post(opens in new tab) detailing how the cybercriminals behind it are using fake domains to impersonate app stores and even social media sites.

Some of these fake domains mimic popular Android app stores like the Google Play Store, APKCombo and APKPure. While potential victims think they’re downloading a legitimate Android app, their devices actually become infected with the ERMAC banking trojan that can steal money from your online banking accounts and the best cryptocurrency wallets.

At the same time, the cybercriminals have also set up fake sites impersonating Snapchat, TikTok, VidMate, PayPal, Google Wallet and other popular services. Here are just a few of the typosquatting domains you’ll want to look out for:

  • payce-google[.]com – impersonates Google Wallet
  • snanpckat-apk[.]com – impersonates Snapchat
  • vidmates-app[.]com – impersonates VidMate
  • paltpak-apk[.]com – impersonates PayPal
  • m-apkpures[.]com – impersonates APKPure
  • tiktok-apk[.]link – impersonates the download page for TikTok’s app

However, BleepingComputer also discovered a much larger typosquatting campaign launched by the same cybercriminals designed to distribute Windows malware instead. There are more than 90 fake websites impersonating popular brands in order to distribute the Vidar malware and the Agent Tesla keylogger

Some examples of typosquatting domains used to distribute Windows malware include notepads-plus-plus[.]org that impersonates the popular Notepad++ text editor, tocproject[.]com impersonating the Tor Project and braves-browsers[.]org which appears similar to the actual site for Brave Browser.

How to stay safe from typosquatting domains

Although many of the best Android browsers like Google Chrome and Microsoft Edge include typosquatting protection, this feature doesn’t always prevent users from navigating to fake websites.

To avoid accidentally navigating to a fake website with a misspelled web address, you should use a search engine to find the site you want to visit instead of trying to manually type out its name in your browser’s address bar. However, you may want to avoid clicking on any of the ads shown in the search results as cybercriminals often create and use malicious ads to impersonate legitimate websites.

To further protect your data and devices, you should consider installing one of the best antivirus software solutions on your PC or laptop running Windows as well as one of the best Android antivirus apps on your Android smartphone.

Since typosquatting can be quite profitable for cybercriminals, this attack method likely isn’t going anywhere anytime soon. For this reason, you should always be extra careful when manually writing out the addresses of popular sites in your browser.

admin

admin

Next Post
How to block ads on Chrome

How to block ads on Chrome

Please login to join discussion

Antidetect browser

Recommended.

Mac Pro M2 just tipped for 2023 — with 48 CPU cores and 152 GPU cores

Mac Pro M2 just tipped for 2023 — with 48 CPU cores and 152 GPU cores

How to install Android apps on Windows 11

How to install Android apps on Windows 11

Trending.

How to convert a JPG to PDF on Windows PC and Mac

How to convert a JPG to PDF on Windows PC and Mac

Technology Guide

Tech Product Reviews, Top Picks and How To

Category

  • Applications
  • Computers
  • News
  • Security

Site Navigation

  • About
  • Privacy & Policy
  • Contact

Recent News

LastPass had its source code stolen by hackers – this is why your passwords are still safe

LastPass had its source code stolen by hackers – this is why your passwords are still safe

Gmail just got a big redesign — here’s how to activate it now

Gmail just got a big redesign — here’s how to activate it now

  • About
  • Privacy & Policy
  • Contact

© 2022 Technology Guide

No Result
View All Result
  • Home
  • Applications
  • Computers
  • Security

© 2022 Technology Guide