Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money.

 

As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

 

Crypto-currency miners are a hot cybersecurity topic right now. This specialist “mining” software creates new coins by using the computing power of a victim PC and mobile devices.

 

Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has sky rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown.

 

However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

 

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey.

 

Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation.

 

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk.

 

Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

 

PowerGhost attacks on businesses, for the purpose of installing miners, raise new concerns about crypto-mining software. The miner we examined indicates that targeting users is not enough – cybercriminals are now turning their attention to enterprises too. And this makes crypto-currency mining a threat to the business community,” said Vladas Bulavas, malware analyst at Kaspersky Lab.

 

Kaspersky Lab products detect the threat as

    • PDM:Trojan.Win32.Generic
    •  PDM:Exploit.Win32.Generic
    • HEUR:Trojan.Win32.Generic
    • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1.  Always keep software updated on all the devices used. To prevent miners from exploiting vulnerabilities, it will be best to use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behavior detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, employees and IT teams must be educated on keeping sensitive data separate and restricting access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
From Shaking Their Hands to Paying off Their Debts: Third party Cybersecurity Failures Cost Businesses the Most
Techworld Date Posted: 25 September 2017 11:26 AM | 171 Views
While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of.... See More
 
From Shaking Their Hands to Paying off Their Debts: Third party Cybersecurity Failures Cost Businesses the Most
Techworld Date Posted: 11:26 AM | 171 Views
While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of...See More

 
Sony’s Xperia XZ Premium Now Available in Limited Edition Rosso Colorway
Techworld Date Posted: 10 November 2017 10:48 AM | 228 Views
Sony announced that the Xperia XZ Premium is already available in a new, limited edition colorway.. See More
 
Sony’s Xperia XZ Premium Now Available in Limited Edition Rosso Colorway
Techworld Date Posted: 10:48 AM | 228 Views
Sony announced that the Xperia XZ Premium is already available in a new, limited edition colorway.See More

 
Data Risks Give No Rewards, Kaspersky Lab Warns
Techworld Date Posted: 31 July 2017 5:04 PM | 313 Views
Users are putting their precious and sensitive data in danger, by the way they share both their information, and their physical devices containing this information with others. Kaspersky Lab's My Precious Data: Stranger Danger.... See More
 
Data Risks Give No Rewards, Kaspersky Lab Warns
Techworld Date Posted: 5:04 PM | 313 Views
Users are putting their precious and sensitive data in danger, by the way they share both their information, and their physical devices containing this information with others. Kaspersky Lab's My Precious Data: Stranger Danger...See More

 
CES 2018: Kingston to Showcase Upcoming Mobile Lifestyle Products and More
Techworld Date Posted: 11 January 2018 10:00 AM | 174 Views
Kingston, a world leader in memory storage products and technology solutions, is set to share its latest and upcoming products at CES®.. See More
 
CES 2018: Kingston to Showcase Upcoming Mobile Lifestyle Products and More
Techworld Date Posted: 10:00 AM | 174 Views
Kingston, a world leader in memory storage products and technology solutions, is set to share its latest and upcoming products at CES®.See More

 
ASRock Kicks Off Mini PC Revolution with the World’s 1st Micro-STX DeskMini RX/GTX System
Techworld Date Posted: 31 January 2017 3:31 AM | 291 Views
Consumers nowadays are seeking for a tiny yet powerful computing gear. Hence, ASRock made its refresh DeskMini system debut at the recently concluded CES 2017.. See More
 
ASRock Kicks Off Mini PC Revolution with the World’s 1st Micro-STX DeskMini RX/GTX System
Techworld Date Posted: 3:31 AM | 291 Views
Consumers nowadays are seeking for a tiny yet powerful computing gear. Hence, ASRock made its refresh DeskMini system debut at the recently concluded CES 2017.See More

 
Transcend Is Honored with Four Taiwan Excellence Awards 2018
Techworld Date Posted: 3 January 2018 2:18 PM | 117 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, is proud to announce that four of its cutting-edge products have been awarded the 2018 Taiwan Excellence Award for their innovation. See More
 
Transcend Is Honored with Four Taiwan Excellence Awards 2018
Techworld Date Posted: 2:18 PM | 117 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, is proud to announce that four of its cutting-edge products have been awarded the 2018 Taiwan Excellence Award for their innovationSee More

 
From Home to Business: Synology Unveils New XS/Plus/Value-Series Product Lineup
Techworld Date Posted: 30 September 2017 9:42 AM | 146 Views
SynologyInc. announced the official launch of new product lineup in Taipei, Taiwan featuring:. See More
 
From Home to Business: Synology Unveils New XS/Plus/Value-Series Product Lineup
Techworld Date Posted: 9:42 AM | 146 Views
SynologyInc. announced the official launch of new product lineup in Taipei, Taiwan featuring:See More

 
Kaspersky Lab Unmasks the History of Cyber Espionage in the APAC region
Techworld Date Posted: 18 October 2017 11:55 AM | 182 Views
Kaspersky Lab's Director of Global Research and Analysis Team (GReAT) in Asia Pacific, Vitaly Kamluk opens his discussion on cyberespionage with the legend of Rothschilds to emphasize the power of information. Equipped with detailed histories.... See More
 
Kaspersky Lab Unmasks the History of Cyber Espionage in the APAC region
Techworld Date Posted: 11:55 AM | 182 Views
Kaspersky Lab's Director of Global Research and Analysis Team (GReAT) in Asia Pacific, Vitaly Kamluk opens his discussion on cyberespionage with the legend of Rothschilds to emphasize the power of information. Equipped with detailed histories...See More

 
D-Link Partners with PSITE to Elevate IT Education in PH
Techworld Date Posted: 24 March 2018 4:16 PM | 363 Views
Reflecting its support for quality IT education in the Philippines, leading global supplier of networking products D-Link International Pte. Ltd. has entered into a partnership with the Philippine Society of Information Technology Educators Foundation,.... See More
 
D-Link Partners with PSITE to Elevate IT Education in PH
Techworld Date Posted: 4:16 PM | 363 Views
Reflecting its support for quality IT education in the Philippines, leading global supplier of networking products D-Link International Pte. Ltd. has entered into a partnership with the Philippine Society of Information Technology Educators Foundation,...See More

 
CYBER HYGIENE 101: Kaspersky Lab Underscores Securing Digital Assets Like Physical Valuables
Techworld Date Posted: 5 October 2018 5:23 PM | 206 Views
With the undeniable dependency of humans to their connected devices, amid the steadily increasing number of attacks and the whopping costs of successful data breaches, Kaspersky Lab recently stressed the need for improved cyber.... See More
 
CYBER HYGIENE 101: Kaspersky Lab Underscores Securing Digital Assets Like Physical Valuables
Techworld Date Posted: 5:23 PM | 206 Views
With the undeniable dependency of humans to their connected devices, amid the steadily increasing number of attacks and the whopping costs of successful data breaches, Kaspersky Lab recently stressed the need for improved cyber...See More


Power by

Download Free AZ | Free Wordpress Themes