Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money.

 

As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

 

Crypto-currency miners are a hot cybersecurity topic right now. This specialist “mining” software creates new coins by using the computing power of a victim PC and mobile devices.

 

Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has sky rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown.

 

However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

 

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey.

 

Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation.

 

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk.

 

Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

 

PowerGhost attacks on businesses, for the purpose of installing miners, raise new concerns about crypto-mining software. The miner we examined indicates that targeting users is not enough – cybercriminals are now turning their attention to enterprises too. And this makes crypto-currency mining a threat to the business community,” said Vladas Bulavas, malware analyst at Kaspersky Lab.

 

Kaspersky Lab products detect the threat as

    • PDM:Trojan.Win32.Generic
    •  PDM:Exploit.Win32.Generic
    • HEUR:Trojan.Win32.Generic
    • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1.  Always keep software updated on all the devices used. To prevent miners from exploiting vulnerabilities, it will be best to use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behavior detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, employees and IT teams must be educated on keeping sensitive data separate and restricting access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Five Videos to Make the Most of Video Every Day Promo this Holiday Season
Techworld Date Posted: 10 December 2018 4:36 PM | 197 Views
This Christmas season, you can make the rush hour traffic or the long lines at the mall just a little bit more bearable with Smart’s Video Every Day, which lets you enjoy up to.... See More
 
Five Videos to Make the Most of Video Every Day Promo this Holiday Season
Techworld Date Posted: 4:36 PM | 197 Views
This Christmas season, you can make the rush hour traffic or the long lines at the mall just a little bit more bearable with Smart’s Video Every Day, which lets you enjoy up to...See More

 
Fortinet Positioned Furthest for Completeness of Vision in the Challengers Quadrant of Gartner’s First Magic Quadrant for WAN Edge Infrastructure
Techworld Date Posted: 28 November 2018 1:24 PM | 139 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced their inclusion in Gartner’s first Magic Quadrant for WAN Edge Infrastructure as a Challenger with the furthest placement for.... See More
 
Fortinet Positioned Furthest for Completeness of Vision in the Challengers Quadrant of Gartner’s First Magic Quadrant for WAN Edge Infrastructure
Techworld Date Posted: 1:24 PM | 139 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced their inclusion in Gartner’s first Magic Quadrant for WAN Edge Infrastructure as a Challenger with the furthest placement for...See More

 
Sony Wins Big at the 2017 Red Dot Product Design Awards
Techworld Date Posted: 1 August 2017 11:00 AM | 292 Views
Proving its dedication to continuous innovation, Sony received numerous distinctions in the recently concluded Red Dot Product Design Awards. Some of the world's most iconic products to-date across different categories were recognized with the.... See More
 
Sony Wins Big at the 2017 Red Dot Product Design Awards
Techworld Date Posted: 11:00 AM | 292 Views
Proving its dedication to continuous innovation, Sony received numerous distinctions in the recently concluded Red Dot Product Design Awards. Some of the world's most iconic products to-date across different categories were recognized with the...See More

 
XPG SX8200 Named as One of the Best SSDs on the Market
Techworld Date Posted: 2 June 2018 10:05 AM | 392 Views
ADATA’s XPG SX8200 M.2 2280 SSD has been named as one of the best SSDs on the market by tech media Tom’s Hardware. Receiving a 9/10 score, the reviewer cited the SSD’s strong consumer.... See More
 
XPG SX8200 Named as One of the Best SSDs on the Market
Techworld Date Posted: 10:05 AM | 392 Views
ADATA’s XPG SX8200 M.2 2280 SSD has been named as one of the best SSDs on the market by tech media Tom’s Hardware. Receiving a 9/10 score, the reviewer cited the SSD’s strong consumer...See More

 
Epson Works with Youth Groups to Drive Environmental Initiatives
Techworld Date Posted: 11 February 2019 2:08 PM | 98 Views
Epson has partnered with two youth-led organizations to help raise awareness on environmental issues as part of its 2018 to 2019 environmental initiatives, in line with its vision to contribute to the development of.... See More
 
Epson Works with Youth Groups to Drive Environmental Initiatives
Techworld Date Posted: 2:08 PM | 98 Views
Epson has partnered with two youth-led organizations to help raise awareness on environmental issues as part of its 2018 to 2019 environmental initiatives, in line with its vision to contribute to the development of...See More

Rhea Sanvictores
Edifier Unveils First Concept Store in PH
Techworld • By: Rhea Sanvictores | Date Posted: 7 December 2018 3:53 PM | 467 Views
Premium audio solutions corporation Edifier has gone the extra mile in showcasing technological innovation and design elegance with the opening of its pioneer concept store in the Philippines. . See More
Rhea Sanvictores
Edifier Unveils First Concept Store in PH
Techworld • By: Rhea Sanvictores | Date Posted: 3:53 PM | 467 Views
Premium audio solutions corporation Edifier has gone the extra mile in showcasing technological innovation and design elegance with the opening of its pioneer concept store in the Philippines. See More

 
Kaspersky Lab and DICT Ink MoU to Develop Public Sector Cybersecurity Capability
Techworld Date Posted: 30 October 2018 5:08 PM | 179 Views
DICT & Kaspersky Lab inks MoU. Present at the signing were (from left to right) Allan S. Cabanlong, Assistant Secetary, DICT; Eliseo M. Rio Jr., Acting Secretary, DICT; Stephan Neumeier, Managing Director, Kaspersky Lab.... See More
 
Kaspersky Lab and DICT Ink MoU to Develop Public Sector Cybersecurity Capability
Techworld Date Posted: 5:08 PM | 179 Views
DICT & Kaspersky Lab inks MoU. Present at the signing were (from left to right) Allan S. Cabanlong, Assistant Secetary, DICT; Eliseo M. Rio Jr., Acting Secretary, DICT; Stephan Neumeier, Managing Director, Kaspersky Lab...See More

 
Fortinet Reports Third Quarter 2018 Financial Results
Techworld Date Posted: 6 November 2018 4:07 PM | 212 Views
Fortinet® (Nasdaq: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced financial results for the third quarter of 2018.. See More
 
Fortinet Reports Third Quarter 2018 Financial Results
Techworld Date Posted: 4:07 PM | 212 Views
Fortinet® (Nasdaq: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced financial results for the third quarter of 2018.See More

 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to the Philippines
Techworld Date Posted: 22 March 2019 9:45 AM | 89 Views
Kingston Technology, a world leader in memory storage products and technology solutions, has teamed up with channel partners to promote the authorized partner program in the Philippines. Ranked as the World’s No. 1 memory.... See More
 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to the Philippines
Techworld Date Posted: 9:45 AM | 89 Views
Kingston Technology, a world leader in memory storage products and technology solutions, has teamed up with channel partners to promote the authorized partner program in the Philippines. Ranked as the World’s No. 1 memory...See More

 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to Philippines
Techworld Date Posted: 24 January 2019 1:25 PM | 118 Views
Kingston Technology, a world leader in memory storage products and technology solutions, today announced the launch of its authorized partner program in the Philippines. Ranked as the World’s NO.1 memory module manufacturer. See More
 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to Philippines
Techworld Date Posted: 1:25 PM | 118 Views
Kingston Technology, a world leader in memory storage products and technology solutions, today announced the launch of its authorized partner program in the Philippines. Ranked as the World’s NO.1 memory module manufacturerSee More


Power by

Download Free AZ | Free Wordpress Themes