ESET, an Eastern European cybersecurity software company, has found a malware campaign that had been targeting Chinese-speaking people in Malaysia, along with other countries in Southeast Asia and East Asia. It seems as though these scammers had been running Google Ads targeting people who search up for popular applications, pushing for their ad spots to appear on top of legitimate search results and getting users to click on their fake website.
Specifically, they’ve been creating fake websites that look identical to the websites of popular programs and softwares, such as Google Chrome, WhatsApp, Signal, Skype, Telegram and more. People who search these up and click on their Google Ad rather than the actual website will then be greeted by a look-a-like website that offers a download to the program that they had been looking for. However, when they download the installer, what they’ll get instead is a Trojanised installer containing the virus FatalRAT.
FatalRAT is a remote access Trojan that would grant the hacker access and control to the victim’s computer. It gives the hacker a bunch of functionalities to perform malicious tasks, such as capture your keystrokes, steal or even delete data stored on your computer, as well as download and execute files. ESET found that the malware campaign had been going on between August 2022 till January 2023, but curiously these Trojanised installers have been seen in the wild since at least May 2022.
Incidentally, all of these fake websites ended up pointing to he same IP address, a server hosting the Trojanised software. These websites seemingly targeted Chinese-speaking users in particular, by claiming to offer Chinese-language versions of software that isn’t available in China. ESET has since reported these scam ads to Google, who then removed them.
As a general rule of thumb, you should always pay attention to the address bar in your browser to ensure that you’re at a legitimate website rather than a fake one. Furthermore, when you download files, always double check that you’re getting the files you intended to download. If you do find out that you’ve been scammed, you can dial 997 to contact the National Scam Response Center, which was set up last October to coordinate a rapid response specifically for online financial scams.
Tesla Malaysia has managed to keep its vehicle prices unchanged despite the end of the…
The Malaysian government has announced that subsidised diesel for eligible Malaysians will be reduced to…
Rapid KL is now making its monthly unlimited ride pass accessible to more users. Besides…
If you're a current or upcoming Tesla EV owner, take note that Full Self-Driving (FSD)…
Be prepared to pay significantly more for your next brand new iPhone which is expected…
Dongfeng Malaysia is showcasing three new energy vehicles at KLIMS 2026 that could potentially enter…
This website uses cookies.