Whereas the payload included the promised performance, which itself accounts for piracy, it additionally delivered “subtle” malware straight onto customers’ computer systems.
As a result of Foxit’s set up listing resides within the “Program Recordsdata” folder, Kaspersky famous that FoxitCrack asks for administrator entry, which is later used for malicious functions.
Privilege escalation by means of weak driver
Someplace in the course of the legitimate-looking execution chain, malicious information are unpacked, dropping the SteelFox malware onto the sufferer machine to gather browser particulars, together with cookies, bank card information, looking historical past, and software program particulars, together with put in software program, antivirus options, working companies, and put in add-ons.
