{"id":37266,"date":"2022-06-28T08:09:00","date_gmt":"2022-06-28T08:09:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/archives\/37266"},"modified":"2022-06-28T08:09:00","modified_gmt":"2022-06-28T08:09:00","slug":"avast-uncovers-thieves-kitchen-of-malware-writing-teens","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=37266","title":{"rendered":"Avast uncovers \u2018thieves\u2019 kitchen\u2019 of malware-writing teens"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2022\/06\/avast-uncovers-thieves-kitchen-of-malware-writing-teens.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers at Czech cyber firm Avast have discovered an <a href=\"https:\/\/blog.avast.com\/kids-discord-hacking-groups\">online community of children<\/a> using dedicated Discord servers to build, exchange and spread malware, including ransomware, infostealers and cryptominers.<\/p>\n<p>Various groups lure in individuals aged 11 to 18 by advertising access to different malware builders and toolkits that can be used to code malware without much technical expertise. Others specialise in the theft of gaming accounts, deleting Fortnite or Minecraft folders, or even online \u201cpranks\u201d such as causing a web browser window containing pornography to open repeatedly on the victim\u2019s system.<\/p>\n<p>In some cases, said Avast, the groups operate a pay-to-play system in which individuals have to buy access to malware builder tools, while in others, individuals can become group members but are then offered the tools for a nominal fee of between \u20ac5 and \u20ac25. Prices seem to differ based on the type of tool, duration of access, and so on.<\/p>\n<p>The groups, which can have more than 1,000 members, tend to focus on malware-as-a-service type offerings, such as Lunar, Snatch and Rift, and Avast said that on observing their message boards, it was extremely obvious that group admins are preying on young people \u2013 participants often discuss their ages, and the idea of hacking their schools or parents is a topic that exercises many. Often, conversations turned nasty, with many observed instances of fighting, instability and bullying.<\/p>\n<p>\u201cThese communities may be attractive to children and teens as hacking is seen as cool and fun, malware builders provide an affordable and easy way to hack someone and brag about it to peers, and even a way to make money through ransomware, cryptomining and the sale of user data,\u201d said Avast malware researcher Jan Holman.<\/p>\n<p>\u201cHowever, these activities by far aren\u2019t harmless \u2013 they are criminal. They can have significant personal and legal consequences, especially if children expose their own and their families\u2019 identities online or if the purchased malware actually infects the kids\u2019 computer, leaving their families vulnerable by letting them use the affected device. Their data, including online accounts and bank details, can be leaked to cyber criminals.\u201d<\/p>\n<p>Another notable feature of many of these groups that Avast observed is the use of YouTube to market and distribute malware. In many cases, the firm\u2019s researchers found community members creating YouTube videos that supposedly show information about a cracked game or cheat codes, which are linked to, but in fact lead to the malware.<\/p>\n<p>To create trust and game YouTube\u2019s algorithms and moderation policies, users will ask fellow community members to like and leave comments under the video, endorsing it and giving it the appearance of legitimacy.<\/p>\n<p>\u201cThis technique is quite insidious, because instead of fake accounts and bots, real people are used to upvote harmful content,\u201d said Holman. \u201cAs genuine accounts are working together to positively comment on the content, the malicious link seems more trustworthy, and as such can trick more people into downloading it.\u201d<\/p>\n<p>Avast said it had reached out to Discord, which has since banned the servers associated with the company\u2019s research, and has also created detections for the malware samples it found being spread.<\/p>\n<p>However, said the Avast team, some responsibility must still rest with parents to teach children to behave safely online.<\/p>\n<p>In particular, it is important to be sceptical of attractive offers such as game features or pre-releases, which are often used as lures, and to learn the importance of not revealing any passwords or personal information if active on multiplayer platforms, such as Minecraft.<\/p>\n<p>\u201cWhat may seem venturesome and fun can bring serious harm to others and be an actual criminal offence,\u201d said Avast\u2019s team \u201cYoung children may think they are safe as they aren\u2019t legally liable yet, however, their parents are. It is important for parents to talk to their children about this.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers at Czech cyber firm Avast have discovered an online community of children using dedicated Discord servers to build, exchange and spread malware, including ransomware, infostealers and cryptominers. Various groups lure in individuals aged 11 to 18 by advertising access to different malware builders and toolkits that can be used to code malware without much [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":37267,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-37266","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/37266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37266"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/37266\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/37267"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37266"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37266"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}