Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money.

 

As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

 

Crypto-currency miners are a hot cybersecurity topic right now. This specialist “mining” software creates new coins by using the computing power of a victim PC and mobile devices.

 

Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has sky rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown.

 

However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

 

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey.

 

Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation.

 

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk.

 

Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

 

PowerGhost attacks on businesses, for the purpose of installing miners, raise new concerns about crypto-mining software. The miner we examined indicates that targeting users is not enough – cybercriminals are now turning their attention to enterprises too. And this makes crypto-currency mining a threat to the business community,” said Vladas Bulavas, malware analyst at Kaspersky Lab.

 

Kaspersky Lab products detect the threat as

    • PDM:Trojan.Win32.Generic
    •  PDM:Exploit.Win32.Generic
    • HEUR:Trojan.Win32.Generic
    • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1.  Always keep software updated on all the devices used. To prevent miners from exploiting vulnerabilities, it will be best to use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behavior detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, employees and IT teams must be educated on keeping sensitive data separate and restricting access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Get the Best Deals for Your Family This Christmas with the PLDT Christmas 3 Bundle Promo
Techworld Date Posted: 21 December 2017 5:04 PM | 289 Views
It’s the season of gift-giving and PLDT has the perfect present for the digitally savvy and entertainment-loving Filipino families.. See More
 
Get the Best Deals for Your Family This Christmas with the PLDT Christmas 3 Bundle Promo
Techworld Date Posted: 5:04 PM | 289 Views
It’s the season of gift-giving and PLDT has the perfect present for the digitally savvy and entertainment-loving Filipino families.See More

 
Lenovo Introduces New Laptops for the ‘Modern Avid Gamer’
Techworld Date Posted: 17 August 2018 5:23 PM | 464 Views
Lenovo, a global leader in PCs and smart devices development, is launching two new laptops designed to meet the demands of the ‘modern avid gamers’. . See More
 
Lenovo Introduces New Laptops for the ‘Modern Avid Gamer’
Techworld Date Posted: 5:23 PM | 464 Views
Lenovo, a global leader in PCs and smart devices development, is launching two new laptops designed to meet the demands of the ‘modern avid gamers’. See More

 
Attacks Leveraging Exploits for Microsoft Office Grew Fourfold in Early 2018
Techworld Date Posted: 28 May 2018 4:13 PM | 191 Views
Exploits, software that takes advantage of a bug or vulnerability, for Microsoft Office in-the-wild hit the list of cyber headaches in Q1 2018. Overall, the number of users attacked with malicious Office documents rose.... See More
 
Attacks Leveraging Exploits for Microsoft Office Grew Fourfold in Early 2018
Techworld Date Posted: 4:13 PM | 191 Views
Exploits, software that takes advantage of a bug or vulnerability, for Microsoft Office in-the-wild hit the list of cyber headaches in Q1 2018. Overall, the number of users attacked with malicious Office documents rose...See More

 
MSI Gaming Is Coming in Cebu This December
Techworld Date Posted: 29 November 2017 4:53 PM | 228 Views
Micro-star International (MSI), the world’s best-selling gaming laptop brand, is taking a big step in announcing their new concept corner to be launch this December 2017. . See More
 
MSI Gaming Is Coming in Cebu This December
Techworld Date Posted: 4:53 PM | 228 Views
Micro-star International (MSI), the world’s best-selling gaming laptop brand, is taking a big step in announcing their new concept corner to be launch this December 2017. See More

 
GeForce® Gamers Are Game Ready for Final Fantasy XV! PUBG Now even Faster!
Techworld Date Posted: 1 March 2018 2:55 PM | 829 Views
NVIDIA® has released a new Game Ready Driver for Final Fantasy XV Windows Edition. In addition, it provides a performance boost of up to 7% in PlayerUnknown’s Battlegrounds (PUBG), along with being optimised for.... See More
 
GeForce® Gamers Are Game Ready for Final Fantasy XV! PUBG Now even Faster!
Techworld Date Posted: 2:55 PM | 829 Views
NVIDIA® has released a new Game Ready Driver for Final Fantasy XV Windows Edition. In addition, it provides a performance boost of up to 7% in PlayerUnknown’s Battlegrounds (PUBG), along with being optimised for...See More

 
New IoT-Malware Grew Three-Fold in H1 2018
Techworld Date Posted: 19 September 2018 3:04 PM | 115 Views
According to the Kaspersky Lab IoT report, in the first half of 2018, IoT devices were attacked with more than 120,000 modifications of malware. That’s more than triple the amount of IoT malware seen.... See More
 
New IoT-Malware Grew Three-Fold in H1 2018
Techworld Date Posted: 3:04 PM | 115 Views
According to the Kaspersky Lab IoT report, in the first half of 2018, IoT devices were attacked with more than 120,000 modifications of malware. That’s more than triple the amount of IoT malware seen...See More

 
Far Eastern University Team Wins First Intercollegiate PUBG Competition
Techworld Date Posted: 24 July 2018 5:15 PM | 702 Views
The FEU_ANBU team of Far Eastern University has emerged as the champions of the inaugural MSI-NVIDIA University League PlayerUnknown’s Battleground (PUBG) Tournament, the first intercollegiate competition in the Philippines.. See More
 
Far Eastern University Team Wins First Intercollegiate PUBG Competition
Techworld Date Posted: 5:15 PM | 702 Views
The FEU_ANBU team of Far Eastern University has emerged as the champions of the inaugural MSI-NVIDIA University League PlayerUnknown’s Battleground (PUBG) Tournament, the first intercollegiate competition in the Philippines.See More

 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 9 January 2018 1:50 PM | 266 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders.... See More
 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 1:50 PM | 266 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders...See More

 
Motorola Strengthens Local Footprint with First Retail Kiosk Outside Manila
Techworld Date Posted: 25 September 2017 11:22 AM | 269 Views
BATANGAS, Philippines - September 25, 2017. Motorola Philippines continues to solidify its presence in the Philippines and make the Motorola experience more accessible to Filipinos nationwide with the opening of the Motorola Kiosk in.... See More
 
Motorola Strengthens Local Footprint with First Retail Kiosk Outside Manila
Techworld Date Posted: 11:22 AM | 269 Views
BATANGAS, Philippines - September 25, 2017. Motorola Philippines continues to solidify its presence in the Philippines and make the Motorola experience more accessible to Filipinos nationwide with the opening of the Motorola Kiosk in...See More

 
5 Entertaining Vlogs to Help Get You through Everyday Traffic
Techworld Date Posted: 31 May 2018 2:52 PM | 164 Views
We have come to accept traffic as part of city life, and we all have our ways of coping like sneaking in a quick nap, tuning into our own ‘traffic playlist,’ catching up on.... See More
 
5 Entertaining Vlogs to Help Get You through Everyday Traffic
Techworld Date Posted: 2:52 PM | 164 Views
We have come to accept traffic as part of city life, and we all have our ways of coping like sneaking in a quick nap, tuning into our own ‘traffic playlist,’ catching up on...See More


Power by

Download Free AZ | Free Wordpress Themes