Cyber threat alert: Pay for Windows or face the wrath of Cryptbot malware

Pirating is particularly risky these days due to Cryptbot malware hidden in fake versions of KMSPico.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

A popular pirating tool is being imitated by malicious actors in an attempt to spread malware. According to a report byRed Canaryfrom December 2, 2021, fake versions of KMSPico have been utilized to get malware onto PCs. If someone allows their system to be compromised by the fake software, the Cryptbot malware can steal credentials.

KMSPico is a tool used to circumvent license fees for Windows and Office. It uses Windows Key Management Services — a tool frequently used for legitimate reasons by enterprise clients — to fraudulently activate software.

Because KMSPico is used to pirate software, many antimalware tools flag it as a potentially unwanted program (PUP). Because of this, pirates will often disable security features to use KMSPico. This makes a fake version of the software is especially dangerous, as PC owners may have voluntarily left themselves defenseless.

Cryptbot can collect sensitive information from the following applications:

Red Canary suggests that PC owners activate software through legitimate means. “A pirate’s life is not the life for us, especially when it comes to cracked software. KMSPico is license-circumvention software that can be spoofed in a variety of ways, and in this case a malicious version led to an interesting Cryptbot infection designed to steal credentials.” The report concludes by saying, “save yourself the trouble and go for legitimate, supported activation methods.”

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.