Alert! Cyber Expert Finds New Trojan Under The Guise Of AutoCAD And SketchUp

Examples of AutoCAD malicious websites (photo: Kaspersky)

JAKARTA - Kaspersky experts discovered a new Trojan-Downloader called TookPS which was spread through fake websites that mimic popular 3D software such as UltraViewer, AutoCAD, and SketchUp.

First observed by Kaspersky experts in early March, TookPS infiltrated the victim's device via a fake download page that looked like an official website. Potential victims of this campaign can include individuals and organizations.

This is a broader campaign, targeting individuals and organizations, where malware is hiding under various guises to lure as many targeted casualties as possible, explains Vasily Kolesnikov, security expert at Kaspersky.

Once on the device, TookPS runs a series of scripts and that allow attackers to install backdoors on victims' systems, giving them hidden long-distance access and the ability to carry out commands illegally.

Based on a technical analysis of the malicious file, Kaspersky researchers believe that perhaps the perpetrators used other well-known software brands such as Ableton (for music production) or Quicken (for personal financial management).

"To avoid being a victim of such attacks, we urge users to remain vigilant: always re-check links and websites, and avoid searching and even downloading pirated software online," Vasily stressed.

Kaspersky also shared tips to avoid general cyber threats while exploring the internet:

For the organization, Kaspersky suggested implementing a strong security policy prohibiting software downloads from unverified or pirated sources.

"periodic cybersecurity training must also be carried out to ensure employees continue to receive information and are aware of potential threats," he concluded.