A Ukrainian utility company was breached after installing a pirated version of Microsoft Office downloaded from a torrent website.
The breach was reportedly detected by specialists from the Computer Emergency Response Team of Ukraine (CERT-UA), which identified unauthorized access to the information and communication systems of a utility company in Ukraine.
Investigation showed that the compromise of the company’s systems first took place in January this year, when one of the employees installed an unlicensed version of Microsoft Office 2019, downloaded from a torrent website, toloka.to.
Installed software included the DarkCrystal RAT [remote access trojan] malware and the DWAgent remote administration tool. The presence of these tools created a gateway for unauthorized third-party access to the company's systems over the period of two months.
The case serves as a stark reminder of the dangers of software piracy. CERT-UA notes that this is not the first time it has encountered a primary compromise vector of this nature.
Similar cases have been documented where devices were infected after downloading operating systems and other programs such as scanners and password recovery tools from unofficial sources.
Specialists are urging users to exercise caution. This includes using licensed software instead of pirated versions, downloading software only from official websites of development companies, updating software in a timely manner, and avoiding suspicious links and attachments sent by unknown senders.
Your email address will not be published. Required fields are markedmarked