![At 3-33 on 9th oct, some children Playing inside Aayin Camp Benue [Photo Credit Popoola Ademola Premium Timesv]](https://i0.wp.com/media.premiumtimesng.com/wp-content/files/2026/03/WhatsApp-Image-2026-03-07-at-05.54.10.jpeg?resize=360%2C180&ssl=1)
Kaspersky has uncovered that a Trojan-Downloader dubbed TookPS is being spread through malicious websites imitating popular remote access and 3D modeling software. First observed by Kaspersky experts in early March, this Trojan infects users’ devices with backdoors, allowing for unauthorised stealth access to the victim’s system.
Kaspersky Threat Research experts warn that users are being lured to fake websites that mimic official pages or falsely claim to offer free downloads of popular software, such as UltraViewer, AutoCAD, and SketchUp, commonly utilised both for business and personal purposes. However, when users click the ‘download’ buttons, they unknowingly get TookPS instead of the application they were looking for. The potential victims of this campaign could include both individuals and organisations.
|
|
Once on the device, TookPS runs a series of scripts and technical processes that allow attackers to install a backdoor on the victim’s system, granting them hidden remote access and the ability to execute arbitrary commands.
|
|
|---|
Based on technical analysis of the malicious files, Kaspersky researchers also believe that there may be other lures — for example, those capitalising on well-known software brands such as Ableton (used for music production) or Quicken (used for personal finance management).
“Earlier, we discovered several malicious campaigns that used DeepSeek’s brand as bait. One of the threats described was the TookPS. As we now observe, it isn’t just pretending to be an AI tool, that was only the tip of the iceberg. This is a broader campaign, targeting both individuals and organisations, where malware is hidden under different guises to lure in as many potential victims as possible,” explains Vasily Kolesnikov, security expert at Kaspersky. “To avoid falling victim to such attacks, we urge users to stay vigilant: always double-check links and websites, and avoid searching for pirated software online.”
READ ALSO: Why you must beware of counterfeit Android smartphones
Kaspersky shares the following recommendations to avoid general cyberthreats when surfing the Internet:
- Modern security solutions such as Kaspersky Next for organisations and Kaspersky Premium for individuals provide users with safe browsing features, protecting against dangerous websites, downloads and extensions.
- It’s safe practice to enter your web address directly into the web browser. If an email contains a link, instead of clicking the link, first hover over it to see if it looks accurate. If it looks okay, search for the link on your own versus linking to a website. Dangerous websites can look identical to authentic ones.
- For organisations, Kaspersky advises implementing a robust security policy that prohibits downloading software from unverified or pirated sources. Regular cybersecurity training should also be conducted to ensure employees remain informed and alert to potential threats.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them.
![Atletico Madrid team [PHOTO: @atletienglish]](https://i0.wp.com/media.premiumtimesng.com/wp-content/files/2020/06/EbljCurWsAAGFbz.jpg?fit=1600%2C983&ssl=1)
