Beware: Fake antivirus sites delivering dangerous malware

When downloading antivirus software, it's important to ensure that it comes from a trusted source. There are fake websites online that offer tampered versions of software such as Avast, Bitdefender, and Malwarebytes. Downloading such programs can infect your computer.

Details about this issue can be found in a post by Trellix, highlighted by the service The Hacker News. Experts point out three fake websites offering tampered versions of Avast antivirus for Android (in the form of an APK file), Bitdefender for computers (as a ZIP package), and the Malwarebytes application (as a RAR archive).

In each of these cases, by choosing to install the software, users are actually infecting their devices. One of many malicious programs then infiltrates the system—most often an infostealer, cryptocurrency miner, or a remote access trojan. Depending on the case, the downloaded malware can, among other things, read keystrokes, SMS content, steal login data for various services, or record the screen—all without the user's awareness.

In the mentioned cases, the fake websites used to distribute the infected versions of the software are:

• avast-securedownload[.]com,
• bitdefender-app[.]com,
• malwarebytes[.]pro.

As always in such situations, we remind you to ensure the source is trustworthy before downloading any software. A fake site can typically be recognized by its URL, which may contain typos or names that have no connection to the authentic website of the producer.

However, it must be remembered that fake software can be downloaded to a computer or smartphone in many ways. Another equally popular method is phishing and fake attachments in emails, or links in such messages that lead to tampered websites and counterfeit software versions.