Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money.

 

As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

 

Crypto-currency miners are a hot cybersecurity topic right now. This specialist “mining” software creates new coins by using the computing power of victims' PCs and mobile devices.

 

Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has skyrocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown.

 

However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

 

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey.

 

Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly on disk, which makes it harder to detect and remediate.

 

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk.

 

Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

 

“PowerGhost attacks on businesses, for the purpose of installing miners, raise new concerns about crypto-mining software. The miner we examined indicates that targeting users is not enough – cybercriminals are now turning their attention to enterprises too. And this makes crypto-currency mining a threat to the business community,” said Vladas Bulavas, malware analyst at Kaspersky Lab.

 

Kaspersky Lab products detect the threat as:

    • PDM:Trojan.Win32.Generic
    • PDM:Exploit.Win32.Generic
    • HEUR:Trojan.Win32.Generic
    • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1. Always keep software updated on all the devices used. To prevent miners from exploiting vulnerabilities, it will be best to use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behavior detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, employees and IT teams must be educated on keeping sensitive data separate and restricting access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.

