Advanced Installer, a legitimate windows tool, is being hijacked by threat actors, in order to create software packages to drop cryptocurrency mining malware on computers. The main targets are heavy users of 3D modeling and graphic design in France and Germany. In this SC Magazine article, Critical Start’s Senior Manager of Cyber Threat Research, Callie Guenther, discusses the various methods and motivations these attackers may use to choose their targets.
CRITICALSTART® and MOBILESOC® are federally registered trademarks owned by Critical Start. Critical Start also claims trademark rights in the following: Cyber Operations Risk & Response™ platform, and Trusted Behavior Registry®. Any unauthorized use is expressly prohibited.