ISPs May Be Helping Hackers to Infect you with FinFisher Spyware | WHAT REALLY HAPPENED


ISPs May Be Helping Hackers to Infect you with FinFisher Spyware

When the target users search for one of the affected applications on legitimate websites and click on its download link, their browser is served a modified URL, which redirects victims to a trojanized installation package hosted on the attacker's server.

This results in the installation of a version of the intended legitimate application bundled with the surveillance tool.

"The redirection is achieved by the legitimate download link being replaced by a malicious one," the researchers say. "The malicious link is delivered to the user’s browser via an HTTP 307 Temporary Redirect status response code indicating that the requested content has been temporarily moved to a new URL."

This whole redirection process, according to researchers, is "invisible to the naked eye" and occurs without user's knowledge.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA