[ad_1]
Kaspersky Lab researchers discovered a new type of encrypted digital attack: the researchers discovered that the attack called PowerGhost is hitting the computer networks of companies and institutions from several parts of the world, mainly in Latin America
. A growing trend among cybercriminals to worry about the use of sophisticated mining tools in targeted attacks in their efforts to achieve financial gains. This trend could put companies at risk because mining attacks damage computer networks and slow them down,
Coded digital currency attacks are one of the topical cybersecurity topics at the present time, with specialized mining software generating pieces of currency using the computing power of computers and mobile phones belonging to the victim of an attack Mining Those who hide behind these attacks create new currencies to the detriment of other users, exploiting the power of their devices without their knowledge .
Announcements
This type of threat has recently increased to replace ransom attacks as a form of malware As has been shown in a previous study by Kaspersky Lab, the emergence of PowerGhost adds a new dimension to this trend: the malicious agents at the origin of the mining attacks are turning to targeted attacks for greater financial gain, according to the predictions of Kaspersky Lab researchers.
The software is being distributed PowerGhost within corporate networks, infecting workstations and servers. The main target countries of this attack are Brazil, Colombia, India and Turkey. Interestingly, PowerGhost uses several methods that do not rely on files to secretly introduce them into institutional networks, which means that the extraction tool does not store directly on the storage drive. device, complicating the detection and management process. The device is downloaded and operated without being stored on the hard drive, which allows cyber criminals to configure the tool to receive updates, broadcast them on the network and start the process of crawling automatic. [1969002] Ladas Paula, a malware analyst at Kaspersky Lab, said that PowerGhost's attacks on businesses to install encrypted digital currency extraction tools "raise new concerns about this software." "Cybercriminals are now turning to businesses, which makes encrypted currency extraction an additional threat to businesses."
Kaspersky Lab's solutions may reveal the following threats:
] PDM: Trojan.Win32.Generic
PDM: Exploit.Win32.Generic
HEUR: Trojan.Win32.Generic
Not- a-virus: HEUR: RiskT ool.Win32.BitMiner.gen
Kaspersky recommends users to follow these steps to reduce the risk of mining attacks:
Always keep software and systems up to date on all devices, to prevent mining attacks from exploiting security breaches,
Do not ignore less obvious objectives, such as standby management systems, POS terminals and even vending machines, since they can be used in mining operations.
Use a custom security solution that is enabled From application control to behavior detection, m
Educate IT staff and IT teams, maintain separate sensitive data, and enforce strict technical access restrictions , to make sure they are safe and secure. Protection of the business environment.
© Amwal al-Ghad 2018
Source link
