When infecting a computer, the DEEP#GOSU virus will perform espionage actions: steal keyboard information (keylogger), steal data, install remote control malware (RAT). More dangerously, DEEP#GOSU also takes advantage of cloud storage services such as Google Docs and Dropbox as servers to command and control the victim's computer.
Fill in PDF fake malware code
According to Bkav experts, this malicious code is distributed via email with a fake PDF document attached. When the user runs this file, the virus will connect to the hacker's Google Doc and DropBox account to download malicious code and begin performing espionage and malicious actions.
Hiding under legitimate services such as Google Docs and Dropbox, the virus can bypass conventional security solutions and network monitors.
Experts advise users to be vigilant, do not open any strange, unauthenticated files sent from email, and do not immediately trust messages or links of unknown origin, even if they are sent from someone else. known. Besides, it is important to install a strong enough anti-virus software for permanent protection.