Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money.

 

As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

 

Crypto-currency miners are a hot cybersecurity topic right now. This specialist “mining” software creates new coins by using the computing power of a victim PC and mobile devices.

 

Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has sky rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown.

 

However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

 

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey.

 

Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation.

 

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk.

 

Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

 

PowerGhost attacks on businesses, for the purpose of installing miners, raise new concerns about crypto-mining software. The miner we examined indicates that targeting users is not enough – cybercriminals are now turning their attention to enterprises too. And this makes crypto-currency mining a threat to the business community,” said Vladas Bulavas, malware analyst at Kaspersky Lab.

 

Kaspersky Lab products detect the threat as

    • PDM:Trojan.Win32.Generic
    •  PDM:Exploit.Win32.Generic
    • HEUR:Trojan.Win32.Generic
    • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1.  Always keep software updated on all the devices used. To prevent miners from exploiting vulnerabilities, it will be best to use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behavior detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, employees and IT teams must be educated on keeping sensitive data separate and restricting access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Epson, DENR-EMB, and GREENducation PH Launch 1st EcoVision Short Film Competition for Students
Techworld Date Posted: 4 January 2019 1:09 PM | 198 Views
Epson, in partnership with the Department of Environment and Natural Resources – Environmental Management Bureau (DENR-EMB) and GREENducation Philippines, has announced the launch of its 1st EcoVision Short Film Competition for students. . See More
 
Epson, DENR-EMB, and GREENducation PH Launch 1st EcoVision Short Film Competition for Students
Techworld Date Posted: 1:09 PM | 198 Views
Epson, in partnership with the Department of Environment and Natural Resources – Environmental Management Bureau (DENR-EMB) and GREENducation Philippines, has announced the launch of its 1st EcoVision Short Film Competition for students. See More

 
Lenovo Bolsters Its Legion Line-Up, Launches New Gaming PCs at Gamescom 2017
Techworld Date Posted: 29 August 2017 3:53 PM | 35 Views
At gamescom2017 in Cologne, Germany, leading global technology brand Lenovo launched four new powerful additions to its Legion gaming lineup family - three VR-ready Windows 10 PCs Lenovo Legion Y920, Y720 and Y520 Towers,.... See More
 
Lenovo Bolsters Its Legion Line-Up, Launches New Gaming PCs at Gamescom 2017
Techworld Date Posted: 3:53 PM | 35 Views
At gamescom2017 in Cologne, Germany, leading global technology brand Lenovo launched four new powerful additions to its Legion gaming lineup family - three VR-ready Windows 10 PCs Lenovo Legion Y920, Y720 and Y520 Towers,...See More

 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 3 September 2018 5:14 PM | 37 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. . See More
 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 5:14 PM | 37 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. See More

 
XPG SX8200 Named as One of the Best SSDs on the Market
Techworld Date Posted: 2 June 2018 10:05 AM | 470 Views
ADATA’s XPG SX8200 M.2 2280 SSD has been named as one of the best SSDs on the market by tech media Tom’s Hardware. Receiving a 9/10 score, the reviewer cited the SSD’s strong consumer.... See More
 
XPG SX8200 Named as One of the Best SSDs on the Market
Techworld Date Posted: 10:05 AM | 470 Views
ADATA’s XPG SX8200 M.2 2280 SSD has been named as one of the best SSDs on the market by tech media Tom’s Hardware. Receiving a 9/10 score, the reviewer cited the SSD’s strong consumer...See More

 
F&D F5060X: A Surround Sound Bluetooth Speaker System
Techworld Date Posted: 13 September 2019 11:42 AM | 135 Views
F&D F5060X: A Surround Sound Bluetooth Speaker System. See More
 
F&D F5060X: A Surround Sound Bluetooth Speaker System
Techworld Date Posted: 11:42 AM | 135 Views
F&D F5060X: A Surround Sound Bluetooth Speaker SystemSee More

 
Smart Unveils Offers for the Groundbreaking Samsung Galaxy S10 Line
Techworld Date Posted: 28 February 2019 2:25 PM | 49 Views
Following the official launch of the Samsung Galaxy S10 line in San Francisco, Smart Communications, Inc., the wireless arm of leading telco and digital services provider PLDT Inc., has revealed its offers for the.... See More
 
Smart Unveils Offers for the Groundbreaking Samsung Galaxy S10 Line
Techworld Date Posted: 2:25 PM | 49 Views
Following the official launch of the Samsung Galaxy S10 line in San Francisco, Smart Communications, Inc., the wireless arm of leading telco and digital services provider PLDT Inc., has revealed its offers for the...See More

 
New Kaspersky Endpoint Security for Business Provides Security Teams with Greater Control and Automatic Anomaly Detection
Techworld Date Posted: 23 March 2019 10:09 AM | 48 Views
Kaspersky Lab has unveiled the next generation of its endpoint protection with new Kaspersky Endpoint Security for Business. The product features Adaptive Anomaly Control, which intelligently perceives and blocks anomalous applications and user behavior,.... See More
 
New Kaspersky Endpoint Security for Business Provides Security Teams with Greater Control and Automatic Anomaly Detection
Techworld Date Posted: 10:09 AM | 48 Views
Kaspersky Lab has unveiled the next generation of its endpoint protection with new Kaspersky Endpoint Security for Business. The product features Adaptive Anomaly Control, which intelligently perceives and blocks anomalous applications and user behavior,...See More

 
Are your passwords stored securely? Kaspersky finds 60% rise in users hit by password stealers in 2019
Techworld Date Posted: 25 July 2019 9:18 AM | 67 Views
Are your passwords stored securely? Kaspersky finds 60% rise in users hit by password stealers in 2019. See More
 
Are your passwords stored securely? Kaspersky finds 60% rise in users hit by password stealers in 2019
Techworld Date Posted: 9:18 AM | 67 Views
Are your passwords stored securely? Kaspersky finds 60% rise in users hit by password stealers in 2019See More

 
Honeywell Awards Three Scholarships to Chemical Engineer Students in the Philippines
Techworld Date Posted: 7 November 2017 4:41 PM | 354 Views
Honeywell (NYSE: HON) announced today that it has awarded scholarships to three Filipino students majoring in chemical engineering at a leading university in Philippines, affirming Honeywell’s continued investment in building the future engineering talent.... See More
 
Honeywell Awards Three Scholarships to Chemical Engineer Students in the Philippines
Techworld Date Posted: 4:41 PM | 354 Views
Honeywell (NYSE: HON) announced today that it has awarded scholarships to three Filipino students majoring in chemical engineering at a leading university in Philippines, affirming Honeywell’s continued investment in building the future engineering talent...See More

 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 3 January 2018 2:26 PM | 563 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.. See More
 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 2:26 PM | 563 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.See More


Power by

Download Free AZ | Free Wordpress Themes