Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Network of a European Energy Company Found Containing Sophisticated Malware

Security researchers have discovered a recent malware campaign that is targeting the energy companies of Europe. "Sophistication" and "extreme" capabilities for detecting security evading are so excellent, that the researchers consider it as "a nation-state sponsored initiative". Researchers suspect that Eastern Europe engineers developed this malware.

Cybersecurity researchers of SentinelOne Labs says that the malware infecting at least one energy company in Europe, takes "extreme measures" to evade detection before droping its payload, used to report information about the infected network back to a command-and-control centre.

Hackers have targeted Power companies before like the cyberattack against an Ukranian power grid causing blackouts in December last year.

Zdnet.com posted on July 12th, 2016, stating that the researchers don't name the state behind the malware, but it is of "Eastern European origin" and has characters which suggest that it may be the work of a nation state; specifically the sophistication of the sample malware and the cost required to develop something as advanced in nature.

Encryption of malware code has been done in such manner that it is hard to analyze and detect it. Additionally, the malware code can disable and uninstall the antiviruses, besides avoiding security detection. After gaining administrative privileges, the code conducts a detailed survey of network as well as reports the results to the operators, and then awaits additional instructions.

The malware was designed to progress with extreme care while running within the systems using technically advanced verification measures, such as fingerprint scanners, facial recognition, and others.

The malware then raises the existing user to administrator group and then proceeds with its normal behavior. As per SentinelOne, Furtime's guardian is malware dropper; a type of malware normally employed for downloading more strong threats.

SentinelOne analyzed this threat technically and revealed clearly that this is not the work of usual cybercrime syndicates. They further revealed that it is the work of a group that is nation-state sponsored, and has sufficient time as well as resources for developing tool for particular environments (that deploy biometrics) and puts an absurd extent of effort into remaining unidentified.

ยป SPAMfighter News - 7/20/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page