"A "large and resilient infrastructure" comprising over 250 domains is being used to distribute information-stealing malware such as Raccoon and Vidar since early 2020.
The infection chain "uses about a hundred of fake cracked software catalog websites that redirect to several links before downloading the payload hosted on file share platforms, such as GitHub," cybersecurity firm SEKOIA said in an analysis published earlier this month.
The French cybersecurity company assessed the domains to be operated by a threat actor running a traffic direction system (TDS), which allows other cybercriminals to rent the service to distribute their malware."
The most important step here is to ensure employees have only approved software installed on their machines. This can be achieved through proper awareness and training on which software is approved by IT, as well as by increasing awareness of threats like this one. A clearly documented and understood acceptable use policy is the place to start if you do not have one in place today. Here is an Acceptable Use Policy template to get you started!