Hackers Are Spreading Malware In a Legitimate Way Through “Qihoo 360”!

Qihoo 360 is a Chinese Internet Security Company, which deals in AV Tools and Web Browser. The security researchers of Check Point Security were testing the security products of Qihoo 360 and after testing they said that a malware was easily bypassing the security system of antivirus tool. When they did further investigation, security researchers came to know a fact that this malware was whitelisted by the security company Qihoo 360. According to researchers, Qihoo 360 was tricked by hackers in actual, to whitelist the program file of this malware.

Why Qihoo 360 is Bypassing this Malware?

Security Researchers of Check Point published a report and according to them, this malware is registered in the database of Qihoo 360 as a legitimate file of a Chinese Game. Some employees of that gaming company had been bribed by the hackers for adding that malware file among the legitimate files of their game. After the development of that game, they had sent its legitimate files to Qihoo 360 for their registration. In this way, the program file of malware was whitelisted by the security firm.

Why Hackers Choose Qihoo 360?

Qihoo 360 is a very famous security firm of China and their free antivirus is the most used antivirus by the people of China. It was easy for hackers to spread their malware through such a big platform. Approximately 70 percent internet users of China are using Qihoo 360 antivirus because it has a number of functionalities which has not been provided by other security firms. Therefore when they started spreading it, it was easily bypassing the security algorithms of Qihoo 360 Antivirus.

How Hackers are targeting people by using this Malware?

Taobao.com is a famous e-commerce website of China. On this website users can post their products for sail. With the help of a famous mobile application Aliwangwang, buyers can select the image of products posted by their owners and can contact him. Then the owner could do the shipment of the product selected by the client. The owner will get the payment of that product through “Alipay” payment gateway, which is a product of business tycoon Alibaba.

As we told, buyers can choose the products by selecting their pictures, hackers are also doing the same. Hackers are sending malicious coded image backdoors to the sellers of products. When the owner clicks on the picture, backdoor will be activated automatically. Qihoo 360 antivirus will not detect this backdoor because it is already a whitelisted file in the database of Qihoo. After buying products hackers are demanding refund from the seller by saying that they are not satisfied with their product. Any customer can demand for refund if he is not satisfied as it is the part of their policies. So when seller is doing transaction to refund them, the backdoor will steal the login credentials of user and hackers will get this info through Command and Control servers.

What is the Response of Qihoo 360?

Qihoo 360 has expert security researchers. The company was tricked by cybercriminals for the whitelisting of their malware. Now they have removed that malicious file form their database. The future of that greedy employees, is at risk now.