Avast Researchers Unmask a Sneaky Threat: HotRat

We all love a good deal, right? And what’s better than free? Would you like to get the latest version of Microsoft Office or Adobe Photoshop for free? What about popular games like Age of Empires IV or Sniper Elite 4? Well, in this case, it comes with a hefty hidden price tag. We’re talking about malware, and one sneaky culprit in particular: HotRat.

Meet HotRat: The Unwanted Guest

Imagine HotRat as that uninvited guest who crashes your party, eats all your snacks, and then steals your wallet. Not cool, right? Once it sneaks into your computer, HotRat can swipe your personal info, snap screenshots of what you’re up to, and even invite more unwanted guests (read: more malware) over. The worst part? You might not even know it’s there.

How Does HotRat Crash the Party?

Here’s the thing: cybercriminals are pretty crafty. They hide HotRat inside cracked software, which is just a fancy term for software that’s been tweaked to bypass copyright protections. Cracked software is illegally pirated software that you should generally steer clear from and HotRat exemplifies exactly why.

These cyber party crashers can weaponize any illegal software turning it into a delivery vehicle for their malware. They often target popular software from big-name companies like Adobe and Microsoft, as well as popular video games and system tools.

Watch Out for These Party Crashers

Here’s a list of just some of the software that’s been abused by cybercriminals to spread HotRat:

Adobe Illustrator 2023	Far Cry 4 Gold Edition
Adobe Photoshop 2021	IObit Uninstaller Pro
Age of Empires IV Digital Deluxe Edition	Microsoft Office 2022
Battlefield 3 Premium Edition	Microsoft Office Professional Plus 2021
CCleaner Professional	Sniper Elite 4 Deluxe Edition
Command & Conquer Red Alert 2	The Sims 4
CyberLink Screen Recorder Deluxe	Tiktok 18+ Plus PC Download
Disk Drill Enterprise	Vmware Workstation Pro

So, that free version of Adobe Photoshop or the latest video game you just downloaded could be a Trojan horse for HotRat—among a multitude of other potential security vulnerabilities.

How to Keep Your Party Malware-Free

The best way to keep your party (or your computer) malware-free is to only invite guests you trust. In other words, only download software from official websites or authorized distributors. If a deal seems too good to be true, it probably is.

And don’t forget to keep your antivirus software up to date and switched on. HotRat, like many other types of malware, often tries to turn off antivirus software to avoid getting kicked out of the party. If a software installation asks you to turn off your antivirus, that’s a big red flag.

The risks that come with illegal downloads just aren’t worth it. Not only could you be opening your computer up to party crashers like HotRat, but you’re also breaking copyright laws.

Stay safe online by only downloading software from trusted sources and keeping your antivirus software up to date. Remember, the best things in life might be free, but the best software usually isn’t.

For more detailed information about HotRat and how it works, check out our technical analysis.