Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Business

PowerGhost: new fileless crypto-miner targets corporate networks across the world

PowerGhost: new fileless crypto-miner targets corporate networks across the world

Kaspersky Lab researchers have found a new crypto-currency miner – PowerGhost – which has hit corporate networks in several regions, mostly in Latin America. This is the latest in a worrying trend of cybercriminals increasingly using miners in targeted attacks, in their pursuit of money. As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process.

Crypto-currency miners are a hot cybersecurity topic right now.

This specialist “mining” software creates new coins by using the computing power of a victim PC and mobile devices. Malicious miners do so at the expense of other users, capitalizing on the power of their computers and devices without their knowledge. The threat has sky rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research has shown. However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money, as Kaspersky Lab researchers had previously predicted.

PowerGhost is distributed within corporate networks, infecting both workstations and servers. The main victims of this attack so far have been corporate users in Brazil, Colombia, India, and Turkey. Interestingly enough, PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks – meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation.

Machine infection occurs remotely through exploits or remote administration tools. When the machine is infected, the main body of the miner is downloaded and run without being stored on the hard disk. Once this has happened, cybercriminals can arrange for the miner to automatically update, spread within the network, and launch the crypto-mining process.

“PowerGhost raises new concerns about crypto-mining software. The miner we examined indicates that targeting consumers is not enough for cybercriminals anymore – threat actors are now turning their attention to enterprises too. Crypto-currency mining is set to become a huge threat to the business community,” said David Emm, Principal Security Researcher at Kaspersky Lab.

Kaspersky Lab products detect the threat as

  • PDM:Trojan.Win32.Generic
  • PDM:Exploit.Win32.Generic
  • HEUR:Trojan.Win32.Generic
  • not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen

To reduce the risk of infection with miners, users are advised to:

  1. Always keep software updated on all the devices you use. To prevent miners from exploiting vulnerabilities, use tools that can automatically detect vulnerabilities and download and install patches.
  2. Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines. Such equipment can also be hijacked to mine cryptocurrency.
  3. Use a dedicated security solution that is empowered with application control, behaviour detection, and exploit prevention components that monitor the suspicious actions of applications and block malicious file executions. Kaspersky Endpoint Security for Business includes these functions.
  4. To protect the corporate environment, educate your employees and IT teams, keep sensitive data separate, and restrict access.

To learn more about the PowerGhost threat, please read the blog post available at Securelist.com.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post