[ad_1]
Miners invade and slow down their computer networks. Colombia, Mexico, Brazil and other countries are recording attacks.
Kaspersky Lab researchers discovered a new cryptocurrency miner called PowerGhost, which has affected corporate networks in several regions, mainly in Latin America. Miners sabotage and slow down companies' computer networks.
Right now Cryptocurrency miners are a recurring theme in the field of cybersecurity. This type of malware creates new currencies by taking advantage of the power of computers and victim devices, in many cases without their knowledge. The threat has exploded in recent times and has replaced ransomware as the main type of malware, as discussed in previous research by Kaspersky Lab.
The appearance of PowerGhost adds a new dimension to this trend. Computer infection occurs through exploits, as well as remote administration tools. When the machine is "infected", the miner can automatically update and expand within the network.
PowerGhost is distributed in corporate networks, infecting workstations and servers. The main victims of this attack were professional users in Brazil, Colombia, India and Turkey. However, victims have also been registered in Mexico, Peru and Ecuador. Vladas Bulavas, Malware Analyst for Kaspersky Lab, said:
PowerGhost's attacks on companies, with the aim of installing minors, raise new concerns about cryptosystem software. The minor we are looking at indicates that companies are also targeted.
Kaspersky Lab's products detect the threat as:
• PDM: Trojan.Win32.Generic
• PDM: Exploit.Win32.Generic
• HEUR: Trojan.Win32.Generic
• non-virus: HEUR: RiskTool.Win32.BitMiner.gen
To reduce the risk of infection by minors, the firm advises the following:
] 1 Always keep the software up to date on all devices that you use. To prevent minors from exploiting vulnerabilities, use tools that can automatically detect vulnerabilities and download and install patches.
2. Do not neglect less obvious goals, such as queue management systems, point-of-sale terminals, and even vending machines. Such equipment can also be entered to extract cryptocurrencies.
3. Use a robust security solution with application control components, behavioral detection, and operational prevention that monitor suspicious actions of applications and block the action of malicious files. The company recommends these products.
4. To protect the business environment, train your employees and your IT teams, separate sensitive data and limit their access.
Source link
