There are many ways your computer can get infected with malicious software and so-called “infostealers”. One common scenario: you’re looking for software to download through a search engine, or another source you deem trustworthy, and you believe you’re downloading legit software when it’s in fact malicious software.
The way the cyber criminals operate is that they throw out “baits” – fake ads or websites disguised as the software you’re looking for – and wait until you click. You might be getting the actual software, but it’s packed with malicious software as well. What’s even more concerning is that the fake results might appear at the top of your search results on Google, for example, marked as “ads”. This method is known as “malvertising”.
An infostealer is a piece of malicious software, belonging to the malware or spyware family, that’s usually distributed through malvertisement, spam, pirated software, or compromised accounts. It’s designed to steal as much sensitive information as possible from your computer using a targeted search of your files and documents, or even information stored in your browser. Some infostealers also serve as keyloggers, so that they can trace and log your keystrokes in search of your passwords. Infostealers, however, don’t encrypt your files like ransomware.
The scary part is that it’s very difficult to protect yourself against infostealers, even with anti-virus software, since you gave the infostealer access to your computer. The malware operates very quickly. Because it never encrypts files, but simply steals the information, anti-virus software might not detect it before it’s too late.
How can you protect yourself?
When you’re looking for software to download, it’s important to make sure you’re on the legit, official webpage. An easy way to check this is by hovering your cursor over the download button. If a different domain pops up — stay away! Also, when you conduct the initial search, avoid clicking the ads that appear as the first search results. You don’t really know who’s behind those ads, so they cannot be trusted. It’s easier for attackers to pay for ads at the top of search results than to rank first organically. You could consider using an adblocker like uBlock Origin. This free browser extension blocks ads, so they won’t even be available for you to click. This does, however, also block legitimate ads.
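The hover check above comes down to comparing the link's real host with the official domain. As an added example (not part of the original article), this JavaScript function makes that comparison and also flags lookalike links the eye can miss; `example.com`, `downloads.invalid` and the sample links are constructed placeholders.

```javascript
// Added example: does a download link really point at the vendor's domain?
// Runs in a browser console or Node.js; uses only the standard URL class.

// Returns { ok, host, reason } for a link compared with the official domain.
function checkDownloadLink(href, officialDomain) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return { ok: false, host: null, reason: "not a valid absolute URL" };
  }
  // Normalise: lower case, drop a trailing dot ("example.com.").
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  const official = officialDomain.toLowerCase();

  if (url.username || url.password) {
    // In https://example.com@downloads.invalid/ the part before "@"
    // is a user name; the browser connects to downloads.invalid.
    return { ok: false, host, reason: "text before '@' is not the host" };
  }
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    // Non-ASCII host names are stored as punycode; they can imitate
    // Latin letters with similar-looking characters.
    return { ok: false, host, reason: "punycode label, possible lookalike" };
  }
  // Exact match or a true subdomain (dot boundary), never a substring match.
  if (host === official || host.endsWith("." + official)) {
    return { ok: true, host, reason: "host belongs to official domain" };
  }
  return { ok: false, host, reason: "different domain" };
}

// Constructed sample links, as they might appear behind a download button.
const SAMPLE_LINKS = [
  "https://example.com/setup.exe",
  "https://dl.example.com/setup.exe",
  "https://example.com.downloads.invalid/setup.exe",
  "https://example.com@downloads.invalid/setup.exe",
  "https://notexample.com/setup.exe",
];

for (const link of SAMPLE_LINKS) {
  const r = checkDownloadLink(link, "example.com");
  console.log(`${r.ok ? "OK  " : "STOP"} ${link} -> ${r.host} (${r.reason})`);
}
```

The third and fourth sample links both start with the official name yet resolve to a different host, which is why the comparison is made on the parsed host rather than on the visible text.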
A good rule of thumb is to avoid using work accounts to do personal things online or doing work-related things on your personal devices. In these instances, your company’s security team loses the visibility they’d need to take action and help you out in case of an incident.
Always practise good cyber hygiene on your computer as well. Don’t store sensitive information on your computer without encryption. Don’t write sensitive information in text notes, Word documents or spreadsheets. Also, avoid storing credentials in your browser using the built-in password manager that you’ll find in Chrome, Firefox, and other browsers. Even though it’s more secure than writing info in a text file on your desktop, an infostealer can still gain access to those credentials. A better option is to use a dedicated password manager, which provides much stronger protection.