Security researchers discover malware that infected 90,000 computers worldwide

Security researchers have discovered that the Smominru malware infected 90,000 machines worldwide during the month of August, with an infection rate of up to 4,700 computers per day.

In its post-infection phase, it steals victim credentials, installs a Trojan module and a cryptominer and propagates inside the network, according to researchers from Guardicore, a data centre and cloud security company.

The botnet uses several methods to propagate, but primarily it infects a system in one of two ways -- either by brute-forcing weak credentials for different Windows services, or more commonly by relying on the infamous EternalBlue exploit, cybersecurity firm Kaspersky said in a blog post last week.

 

Even though Microsoft has patched the vulnerability that EternalBlue exploits, the same one that made the WannaCry and NotPetya outbreaks possible, many companies are simply ignoring updates, Kaspersky said.

China, Taiwan, Russia, Brazil and the US have seen the most attacks, but that doesn't mean other countries are out of its scope. For example, the largest network Smominru targeted was in Italy, with 65 hosts infected.

The criminals involved are not too particular about their targets, which range from universities to healthcare providers.

However, one detail is very consistent. About 85 per cent of infections occur on Windows 7 and Windows Server 2008 systems. The rest include Windows Server 2012, Windows XP and Windows Server 2003.

After compromising the system, Smominru creates a new user, called admin$, with admin privileges on the system and starts to download a whole bunch of malicious payloads.
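The account creation described above leaves a trail that defenders can hunt for. The following is an added example, not code from Guardicore or Kaspersky: it correlates Windows Security events 4720 (user account created) and 4732 (member added to a local group) to flag a newly created account that is then placed in the local Administrators group. The flat record layout, host names, SIDs and the five-minute review window are constructed assumptions, and the check goes beyond the article's `admin$` name by also reporting any other new account promoted within that window.

```python
from datetime import datetime, timedelta

ADMINISTRATORS_SID = "S-1-5-32-544"   # well-known SID of the local Administrators group
WATCHED_NAMES = {"admin$"}            # account name reported in the article

# Constructed sample records, shaped like exported Windows Security events
# (assumed flat layout: System fields plus EventData fields in one dict).
SAMPLE_EVENTS = [
    {"EventID": 4720, "TimeCreated": "2019-08-14T03:12:07", "Computer": "FS01",
     "TargetUserName": "admin$", "TargetSid": "S-1-5-21-1111-2222-3333-1009"},
    {"EventID": 4732, "TimeCreated": "2019-08-14T03:12:09", "Computer": "FS01",
     "MemberSid": "S-1-5-21-1111-2222-3333-1009", "TargetSid": ADMINISTRATORS_SID},
    {"EventID": 4720, "TimeCreated": "2019-08-14T09:30:00", "Computer": "HR02",
     "TargetUserName": "jsmith", "TargetSid": "S-1-5-21-4444-5555-6666-1010"},
    {"EventID": 4732, "TimeCreated": "2019-08-14T09:30:20", "Computer": "HR02",
     "MemberSid": "S-1-5-21-4444-5555-6666-1010", "TargetSid": "S-1-5-32-545"},
    {"EventID": 4720, "TimeCreated": "2019-08-15T11:00:00", "Computer": "WEB03",
     "TargetUserName": "svc_backup", "TargetSid": "S-1-5-21-7777-8888-9999-1011"},
    {"EventID": 4732, "TimeCreated": "2019-08-15T11:00:30", "Computer": "WEB03",
     "MemberSid": "S-1-5-21-7777-8888-9999-1011", "TargetSid": ADMINISTRATORS_SID},
]

def find_suspicious_admins(events, window=timedelta(minutes=5)):
    """Correlate account creation with promotion to local Administrators."""
    created = {}   # (computer, account SID) -> (account name, creation time)
    findings = []
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        when = datetime.fromisoformat(ev["TimeCreated"])
        if ev["EventID"] == 4720:
            created[(ev["Computer"], ev["TargetSid"])] = (ev["TargetUserName"], when)
        elif ev["EventID"] == 4732 and ev["TargetSid"] == ADMINISTRATORS_SID:
            hit = created.get((ev["Computer"], ev["MemberSid"]))
            if hit is None:
                continue  # pre-existing account promoted; not covered by this check
            name, born = hit
            if name.lower() in WATCHED_NAMES:
                findings.append((ev["Computer"], name, "high"))
            elif when - born <= window:
                findings.append((ev["Computer"], name, "review"))
    return findings

if __name__ == "__main__":
    for computer, name, severity in find_suspicious_admins(SAMPLE_EVENTS):
        print(f"{severity:6} {computer}: new local administrator {name!r}")
```

A "review" finding is not proof of compromise; legitimate provisioning scripts also create and promote accounts in quick succession, so those hits need to be checked against change records.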

The most obvious objective is to silently use infected computers for mining cryptocurrency (namely, Monero) at the victim's expense.

The malware also downloads a set of modules used for spying, data exfiltration, and credential theft.

On top of that, once Smominru gains a foothold, it tries to propagate further within the network to infect as many systems as possible.

To protect their network, computers, and data from Smominru, users need to update operating systems and other software regularly, Kaspersky said.

It is also important for users to use strong passwords. A reliable password manager that helps you create, manage, and automatically retrieve and enter passwords may help protect you against brute-force attacks.


Posted on: 08 Oct 2019



