Die Fernwartungssoftware Ammy soll von der offiziellen Website in ihrem offiziellen Installer Spyware ausgeliefert haben, dies berichtet WeLiveSecurity. Die Webseite soll dabei gehackt wurden sein und die ausgelieferte Malware soll zur Buhtrap-Gruppe gehören.
Mehr Informationen:
We noticed in late October that users visiting the Ammyy website to download the free version of its remote administrator software were being served a bundle containing not only the legitimate Remote Desktop Software Ammyy Admin, but also an NSIS (Nullsoft Scriptable Installation Software) installer ultimately intended to install the tools used by the Buhtrap gang to spy on and control their victims’ computers.
Operation Buhtrap malware distributed via ammyy.com