Hackers often use legitimate software for their purposes. It helps them stay invisible to antiviruses and other security systems. This was stated by Alexey Lednev, Head of Expertise at PT Expert Security Center in Positive Technologies.
Attackers quite often use legitimate tools to carry out cyberattacks, as they can hide their activities and remain незаметными for some means of protection.
An antivirus may not notice the use of such tools or mark them as unwanted software. Usually, this does not cause an immediate reaction from cybersecurity specialists.
As an example of how software can be misused, the expert mentioned Ngrok. This software allows you to turn a regular computer into a server that can emulate the launch of a website or software with online functions.
This function is often used by developers to demonstrate pre-release versions of their products to customers or colleagues. When using Ngrok, the developer provides customers or colleagues with access to the product and, therefore, to their computer via a secure channel called a "tunnel".
According to Lednev, attackers often install Ngrok on infected computers. They use this software to control the victim's system. Since Ngrok is considered legitimate software, security systems may not recognize it as a threat and пропускать traffic between the infected computer and the hacker's device.
Ngrok is held in high esteem by hackers, as it helps build tunnels into the attacked infrastructure. It has been used very actively in recent years. According to the analytics of the Positive Technologies incident investigation team, it is used in 16–25% of all attacks.
Earlier it became known that the Cabinet continues to improve laws against fraudsters. New initiatives give security forces the right to block funds in citizens' accounts without a court order. This is aimed at combating cybercrime and theft. The blocking will last no more than ten days and will only affect the stolen amount.
Read also on the topic:
Criminal liability is planned to be introduced for droppers in Russia
Almost half of the programs that replaced applications for iOS are dangerous
Fraudsters began to deceive Russians through fake delivery from pick-up points
Fraudsters offer "help" to victims of scams: how not to become a victim of a new scheme
Now on home
Moscow sent 43 containers of weapons, including ATGMs and sniper rifles
There is a need to increase air traffic within Russia and abroad
Lada Niva Travel with a new 1.8-liter engine tested at temperatures of -25 and -30 °C
Производить первую энергию планировали ещё в апреле 2025 года
Retail is in second place, and education and medicine are in third place
The basic version of the system is capable of hitting targets at a range of up to 300 km
Security forces challenged the legality of yachting entertainment
JBI shelters built for aircraft
Attackers offer to participate in a gift drawing
The new VPR machine services 3300 sleepers per hour and requires only three operators
The drones have been re-flashed and have shown reliability in testing
The Christmas ball weighs 17 carats, and the puppy-shaped diamond weighs 2.7 carats