Whereas the payload included the promised performance, which itself accounts for piracy, it additionally delivered “subtle” malware straight onto customers’ computer systems.
As a result of Foxit’s set up listing resides within the “Program Recordsdata” folder, Kaspersky famous that FoxitCrack asks for administrator entry, which is later used for malicious functions.
Privilege escalation by way of susceptible driver
Someplace in the course of the legitimate-looking execution chain, malicious recordsdata are unpacked, dropping the SteelFox malware onto the sufferer machine to gather browser particulars, together with cookies, bank card knowledge, searching historical past, and software program particulars, together with put in software program, antivirus options, working companies, and put in add-ons.
