Rietspoof Malware Rise Via Skype and MessengerByBill Toulas-February 19, 2019.159 The latest “dropper malware” is now more advanced and flexible than ever. Analysts warn that antivirus tools already make Rietspoof hard to detect and avoid and the situation may get worse with future versions. For the past month, Avast researchers have been monitoring a new family of malware that they call “Rietspoof” and warning Facebook Messenger and Skype users that its spread is on the rise. The specific malware was originally first spotted back last summer, but since the beginning of the year it has been refined and deemed ready to reach the masses used by multiple threat actors. The specific malware is known to be a “dropper,” so it was created to download aggressive ransomware to the infected computer, so that it does not do the harm itself. Avast warns about Rietspoof’s flexibility and durability while also mentioning that the malware is being updated on a daily basis, which means it is becoming more effective and daily threatening. Rietspoof is delivered as an obfuscated Visual Basic Script inside a Cab file via instant messaging clients such as Skype or Facebook Messenger. It includes an executable that is digitally signed with a valid signature which makes it resistant to Windows Startup folder antivirus and antimalware scans. Thus the malware runs free to delete the Cab file after extending and loading the executable code, and then interacting with the C C server begins. .160 Controversial social figure Alex Jones is facing strict YouTube and Facebook enforcement because of his latest upload of videos. For the next 90 days, Jones won’t be able to upload any new videos to Infowars website. YouTube has issued a strike against his account for four videos that did not comply with Google’s uploaded content guidelines. For the same reasons as YouTube, Facebook has blocked him from uploading any material as an admin to any Facebook page for 30 days. A social media company representative confirmed “We remove content that breaks our guidelines as soon as we become aware of it. In this case, we received reports on the Pages that Infowars and Alex Jones run on Facebook relating to four different videos. “Jones is an admin for multiple pages and often stirs up controversy with his posts involving conspiracy theories. If he receives further strikes on YouTube or violates the rules of the Facebook Group his social media profiles may be permanently banned. Although Facebook or YouTube did not provide information about what content was deleted many internet users were able to find and re-upload the material. Surprisingly a video on Facebook showing Jones attempting to kill special prosecutor Robert Mueller has not been deleted. The social media platform confirmed that it did not breach any community guidelines despite the video stirring up several controversies. Jones has been frequently criticized for having promoted virulent hypotheses of tragic events including school shootings and terrorist attacks. With both social media platforms working to counter disinformation and hate speech, it was only a matter of time that the networks would shut down conspiracy theorists.
Author Jeanne Higgins