Cyble Research and Intelligence Labs (CRIL) discovered multiple fake Zoom sites created to spread malware among Zoom users.
The sites were created with a similar user interface and disguised the malware as Zoom’s legitimate application.
Details About the Malware
CRIL analyzed the malware deployed by the fake sites and established that it was Vidar Stealer, malware with links to the Arkei stealer.
Vidar is designed to steal information from an infected device, including:
- Banking information
- Saved passwords
- IP addresses
- Browser history
- Login credentials
- Crypto-wallets
Here is a list of fake Zoom sites to avoid:
- zoom-download[.]host
- zoom-download[.]space
- zoom-download[.]fun
- zoomus[.]host
- zoomus[.]tech
- zoomus[.]website
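One way to check DNS or proxy logs for the domains listed above, as an added example that is not part of the original report. The log format (`<time> <client> <queried name>`), the sample lines and all function names are assumptions constructed for illustration.

```python
# Added example. The six domains are the ones listed above, kept defanged.
FAKE_ZOOM_DOMAINS = [
    "zoom-download[.]host", "zoom-download[.]space", "zoom-download[.]fun",
    "zoomus[.]host", "zoomus[.]tech", "zoomus[.]website",
]

def refang(text):
    """Turn defanged 'name[.]tld' notation back into plain lower-case text."""
    return text.replace("[.]", ".").strip().lower()

BLOCKLIST = frozenset(refang(d) for d in FAKE_ZOOM_DOMAINS)

def normalize_host(host):
    """Lower-case, drop a ':port' suffix and the trailing root dot."""
    return host.strip().lower().split(":", 1)[0].rstrip(".")

def matched_indicator(host):
    """Return the listed domain that host equals or is a subdomain of, else None."""
    labels = normalize_host(host).split(".")
    # Compare whole-label suffixes only, so 'notzoomus.host' and
    # 'zoomus.host.example.com' do not match 'zoomus.host'.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate
    return None

def scan(lines):
    """Return (client, queried name, matched domain) for every hit."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) != 3:  # skip malformed lines instead of failing
            continue
        _time, client, qname = fields
        indicator = matched_indicator(qname)
        if indicator:
            hits.append((client, qname, indicator))
    return hits

# Constructed sample log, written defanged and refanged here to look like real lines.
SAMPLE_LOG = [refang(line) for line in (
    "t1 10.0.0.5 zoom[.]us.",                  # legitimate Zoom domain
    "t2 10.0.0.7 cdn.zoom-download[.]space",   # subdomain of a listed domain
    "t3 10.0.0.9 notzoomus[.]host",            # look-alike string, different domain
    "t4 10.0.0.7 zoomus[.]website.",           # exact match with trailing root dot
    "t5 10.0.0.8 zoomus[.]host.example[.]com", # listed name used as a prefix only
)]
```

Matching on whole DNS labels rather than substrings is what keeps the legitimate `zoom.us` and unrelated look-alike names out of the results.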