BitRAT trojan malware spreads via pirated Windows 10 downloads

Shaun M Jooste


If you’re looking to obtain a pirated copy of Windows 10, you may just be setting your device up for the BitRAT trojan virus. The new cyber attack is available to online criminals for a low amount, and they have the ability to mask it with phishing or other malware distribution channels. For the moment, it only seems to be targeting unofficial Microsoft Windows 10 Pro licenses.

Based on the Korean characters found in the code, it appears as if the source country is known. To be more specific, cybercriminals seem to be using webhards, which are cloud storage services that many people in South Korea use. Perhaps they’re close to finding the culprits behind BitRAT if they know the location where it was created.

BitRAT trojan malware spreads via pirated Windows 10 downloads

So, how does the BitRAT trojan malware work? When you download the pirated Windows 10, you’ll receive a file called W10DigitalActiviation.exe. Activating it looks like a standard license activator. However, it actually downloads malware in the background that infects the system and registry. 

What it does is collect information from the computer, which BitRAT sends to the hacker. It can also perform DDoS attacks or bypass the UAC. For more extreme malware actions, it records your keyboard tapping, which means the hacker can spy on your passwords and discussions. It can even go as far as offering complete remote control of your desktop.

With so many malware attacks happening in 2022, it’s imperative that you learn how to remain safe online. Piracy always comes with inherent risks, and it’s always better to obtain official licenses to safeguard against cybercriminals. Don’t take the chance, and pay for Windows 10 if you need to.

You may also like