Hacker team earns millions through malicious mining software

© Provided by: pestaola.gr

According to Kaspersky Lab researchers, hackers have begun using sophisticated infection methods and techniques borrowed from targeted attacks.

Their goal is to install mining software on compromised computers inside organizations. The most successful team seen by Kaspersky Lab earned at least $7 million by exploiting its victims in just six months in 2017.

Although the cryptocurrency market has many ups and downs, last year's surge in the price of Bitcoin significantly changed not only the global economy but also the world of digital security. To profit from it, criminals have begun using mining software in their attacks, which, like ransomware, has a simple revenue-generating model. But, unlike ransomware, it does not destructively harm users and can remain undetected for a long time while using the computer's processing power.

In September 2017, Kaspersky Lab recorded a rise in miners that began to spread actively around the world and predicted their further growth. Recent research reveals that this growth has not only continued but has also increased and expanded.

Kaspersky Lab researchers recently identified a group of digital criminals with APT techniques in their arsenal for infecting users with miners. They use process hollowing, a method that is commonly used in malware and has been observed in some targeted attacks by APT actors, but has never before been seen in mining attacks.

The attack works in the following way: the victim is lured into downloading and installing advertising software with the miner installer hidden inside. This installer drops a legitimate Windows utility whose main purpose is to download the miner itself from a remote server. After it runs, a legitimate system process starts and the legitimate code of this process is replaced with malicious code. As a result, the miner operates under the guise of a legitimate task, so it is impossible for a user to recognize that a mining infection is present. It is also difficult for security solutions to detect this threat.

In addition, the miners mark this new process in a way that restricts any attempt to terminate it. If the user tries to stop the process, the computer system restarts. As a result, the criminals protect their presence in the system for a longer and more productive time.
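A hollowed system process still shows its genuine image path, so file-based checks pass; what differs is the process that launched it. The following is an added example, not code from Kaspersky Lab or the original article, that checks parent lineage in process-creation events. The event fields, the baseline of expected parents, and all sample paths and names (including `example_utility.exe`) are assumptions constructed for illustration, since the article does not name the utility or the system process involved.

```python
import ntpath

# Assumed baseline: normal parents of a few Windows system processes.
# The article does not name the hollowed process; extend per environment.
EXPECTED_PARENT = {
    "svchost.exe": {"services.exe"},
    "services.exe": {"wininit.exe"},
    "lsass.exe": {"wininit.exe"},
}
# Path fragments treated as user-writable (assumption for this example).
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")

def _name(path):
    return ntpath.basename(path).lower()

def ancestry(pid, by_pid):
    """Ancestor image paths of pid, nearest first; stops on gaps or loops."""
    chain, seen = [], {pid}
    ppid = by_pid[pid]["ppid"]
    while ppid in by_pid and ppid not in seen:
        seen.add(ppid)
        chain.append(by_pid[ppid]["image"])
        ppid = by_pid[ppid]["ppid"]
    return chain

def suspicious_lineage(events):
    """Flag system-named processes whose direct parent is not the expected one."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        allowed = EXPECTED_PARENT.get(_name(e["image"]))
        chain = ancestry(e["pid"], by_pid)
        # No baseline, no parent data, or a normal parent: no verdict.
        if allowed is None or not chain or _name(chain[0]) in allowed:
            continue
        origin = any(m in img.lower() for img in chain for m in USER_WRITABLE)
        hits.append({"pid": e["pid"], "chain": chain, "user_writable_origin": origin})
    return hits

# Constructed events (not real telemetry): a normal boot chain, then an
# installer -> dropped utility -> system process chain as the article describes.
SAMPLE = [
    {"pid": 500, "ppid": 400, "image": r"C:\Windows\System32\wininit.exe"},
    {"pid": 580, "ppid": 500, "image": r"C:\Windows\System32\services.exe"},
    {"pid": 612, "ppid": 580, "image": r"C:\Windows\System32\svchost.exe"},
    {"pid": 3900, "ppid": 3000, "image": r"C:\Users\demo\Downloads\free_player_setup.exe"},
    {"pid": 4010, "ppid": 3900, "image": r"C:\Windows\System32\example_utility.exe"},
    {"pid": 4120, "ppid": 4010, "image": r"C:\Windows\System32\svchost.exe"},
]
```

Calling `suspicious_lineage(SAMPLE)` flags only the second `svchost.exe`, whose ancestry leads back to the downloaded installer.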

According to Kaspersky Lab's observations, the actors behind these attacks have been mining Electroneum coins and earned almost $7 million during the second half of 2017, an amount comparable to the sums earned by ransomware creators.

In total, 2.7 million users were attacked by malicious miners in 2017, according to Kaspersky Lab data, approximately 50% more than in 2016 (1.87 million). People fall victim to adware, pirated games and pirated software that digital criminals use to secretly infect their computers. Another approach used was web mining through special code placed on an infected website. The most widely used web miner was CoinHive, which was discovered on many popular websites.

In order to remain protected, Kaspersky Lab recommends that users do the following:

Do not click on unknown websites or on suspicious banners and advertisements.

Do not download and open unknown files from unreliable sources.

Install a trusted security solution, such as Kaspersky Internet Security or Kaspersky Free, which detects and protects you from all possible threats, including malicious mining software.

For organizations, Kaspersky Lab recommends the following:

Perform a security check on a regular basis.

Install a trusted security solution on all workstations and servers and make sure all features are enabled to ensure maximum protection.

 

Source: www.pestaola.gr
