Krampus-3PC Description

The Krampus-3PC is a threat that targets Apple mobile devices exclusively. The authors of the Krampus-3PCmalware have made sure that their threat runs several checks to determine whether the device was made by Apple or not. All users who were not operating an Apple device were spared. Another interesting trait of the Krampus-3PC malware is that it operates online entirely. This allows the threat to carry out its campaigns very silently, as no traces of unsafe activity would be left on the affected device.

Propagation Method

The Krampus-3PC threat appears to be distributed with the help of malvertising campaigns. Oddly enough, instead of using shady promotional networks to carry out this operation, the creators of the Krampus-3PC have taken advantage of legitimate advertising companies. The attackers have used a rather cunning technique to make this happen - instead of adding the corrupted code early on, they have opted to include it at a later stage. By doing this, the attackers have managed to bypass the security measure put in place by advertising networks. This trick has proven to be rather successful as there are reports stating that hundreds of legitimate blogs, news publications, papers covering current events, etc., have been compromised and are hosting the Krampus-3PC threat unknowingly.

Collects Personal Data from Users

If you come across the Krampus-3PC malware, you may soon notice that you are being redirected through various websites until it finally displays a bogus page that is used for phishing users’ credentials. Another trick that the Krampus-3PC threat uses is presenting the user with a fraudulent ‘grocery store reward’ message.The goal of this fake alert is to trick users into providing their personal details such as phone number, name, address, email address, etc., under the pretext that unless they fill in their details, they will not receive their prize. If the user gives out their phone number, the attackers will likely begin bombarding them with text messages whose goal is to get the targets to provide their login credentials.

The authors of the Krampus-3PC malware are likely very experienced in the field of cybercrime. Based on the method used for determining the maker of the mobile device, cybersecurity researchers have concluded that this threat is likely the product of a group of highly skilled cyber crooks.

Keep away from unknown Web pages that require you to give out your personal details, especially if they claim that you will get free rewards in return, as more often than not, it will be a scheme.