The Weaponization of PUAs

By Chris Navarrete | December 06, 2018 Threat Analysis by FortiGuard Labs
Back in the ’90s, the Internet was not too *wild* in terms of malicious software, hacking attacks, etc. Viruses and some worms had started to emerge, and while some were really dangerous, the great majority were not. Categories such as joke programs and similar programs with non-destructive payloads were part of that era. Many of their authors were not really malware writers, but skilled developers who wanted to have a good time scaring people or simply making a joke by developing small pieces of software that performed behaviors such as opening the CD-ROM or displaying different characters walking across a screen. Unfortunately, one of these innocent categories turned into something more serious: the well-known PUAs. In this FortiGuard Labs article we will define what a PUA is, describe its inherent risks, and show how malware makes use of PUAs by showcasing a malware sample.
What are PUAs?
PUA is the acronym for “Potentially Unwanted Application.” This is a general category used by all vendors to tag particular applications that can be misused by malicious people. In that sense, these tools are not really malicious and the program itself does not necessarily represent a risk. It is the usage of such tools and the related outcomes that are the real problem.
