Reductor: New malware strain hits Google Chrome and Firefox users_1

A new malware known as Reductor has been attacking
people who use Google Chrome and Firefox search engines. The malware is able to
intercept encrypted web traffic.

Kaspersky security researchers discovered Reductor
in April 2019. The malware got its name from new modules on a .pdb path left in
some samples.

In reaction to the discovery, they formed a team
whose duty was to perform a full investigation.

What is Reductor and how does it work

The team has finally released their findings on the malware in a report. Kaspersky revealed that Reductor was classified as a remote access trojan (RAT).

The antivirus creation company couldn’t help but
call the malware “impressive.” Its creators made it to be able to leave the
infected system open to vulnerabilities over a network.


“An attacker could upload, download and execute files, though the researchers haven’t yet identified exactly what its creators intended to use it for.” Tech Radar

Operators have control over target’s network channel

Kaspersky shared more about their Reductor findings

“Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly.” Kaspersky

The antivirus creation company added:

“That places the actor in a very exclusive club, with capabilities that few other actors in the world have.” Kaspersky

So far, those who have been affected by the malware
are Google Chrome and Firefox users in Russia and Belarus. There aren’t any
reports of infections elsewhere in the world.

How you can fight against Reductor and other

When antivirus companies like Kaspersky discover
threats like Reductor, they quickly add them to their databases of known
threats. This enables users of the antivirus so to detect and delete the
malware during a standard scan.

The best suggested way to avoid being infected by
malwares is to be cautious when you’re online. If you receive and email that
you aren’t expecting, don’t download any of its attachments.

It’s also best if you don’t download software from any
unofficial sources or websites. However, if it does happen that a malware
manages to infiltrate your system, the best option is to utalise antivirus
software immediately.

Users should also make sure that they keep their
antiviruses up to date with the latest threat definitions. This will assist in protecting
your machine from any newly identified threats.