1595317818_kTYuvN_Cybersecurity_FINAL.jpg 
Cybersecurity researchers found Brazil, India and Russia to be amongst some of the most targeted countries by the malware
Photo Credit :
Cybersecurity researchers have discovered a new malware that can steal users’ credentials, address, credit card data, cryptocurrencies and even Facebook and Amazon accounts.
Researchers found more than 47,500 users attacked with NullMixer malware, which is able to spy on users, capturing any information they are entering on the keyboard.
NullMixer is actively distributed by cybercriminals via websites offering crack, keygen and activators for downloading software illegally. Such untrustworthy pages always pose a threat for users as instead of providing proper software, they infect victims’ devices with malware. In most cases, users receive adware or other unwanted software, but NullMixer is far more dangerous, as it can download a huge number of Trojans at once, which can lead to a large-scale infection of any computer network.
A typical infection takes place when attempting to download cracked software from one of these sites. The user is repeatedly redirected to a page containing a password-protected archived program and detailed instructions. Everything looks normal as if the user is really about to download the software they need. However, following the instructions, the victim actually launches NullMixer, which drops multiple malware files on the infected machine, including downloaders, spyware, backdoors, bankers and other threats.
Among the threat families spread via NullMixer is the infamous RedLine stealer that hunts for credit card and cryptocurrency wallet data from infected machines, as well as Disbuk, also known as Socelar. Stealing cookies from Facebook and Amazon with Disbuk, attackers can gain access to the victim's accounts from these sites, obtaining their credentials, address and even payment details.
Kaspersky researchers found Brazil, India and Russia to be amongst some of the most targeted countries by the malware.