Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites.
Threatpost
Posts tagged "installers"
Criminals are distributing fake VPN installers with backdoors built in
Legitimate Windscribe VPN installers are being bundled with malicious files that contain backdoors.