New Malware Employs Known Technique of Using Infected PCs as C&Cs
Questions are often raised about what cyber-criminals hope to gain when they infect Internet users' PCs with various types of malware. It should be noted that monetary gain is a very big motivation for such activity. Hackers who use malware such as ransomware, adware, spyware and banking Trojans notoriously reap untold amounts of illegal money.
What malware creators fear most is that their valuable C&C infrastructure could be identified and destroyed during security checks.
Without command-and-control (C&C) infrastructure, the majority of today's malware behaves like a headless chicken. Anonymity networks such as Tor can help hide that infrastructure, although they have their drawbacks: they aren't the fastest, and the shady web servers hidden inside them tend to disappear swiftly. Nakedsecurity.sophos.com posted this on June 21, 2017.
And while it is possible to use P2P networks, malware-spreading social networking accounts or some encrypted channel, these only help conceal the commands and are still likely to expose how bots are connected to servers.
Researchers at cyber-security company McAfee recently uncovered a new kind of banking information-stealing malware known as Pinkslipbot which, since April 2016, has been using infected PCs as its C&C systems. Notably, Pinkslipbot can use the infected PC as a control server even if an anti-virus wipes the malware out. Pinkslipbot, also known as QBot or QakBot, has been actively circulating since 2007. It uses UPnP (Universal Plug and Play) to open ports, letting anyone on the Internet connect to and communicate with the device it infects.
The Pinkslipbot banking malware mainly attacks US-based businesses. It comes complete with man-in-the-middle attack, password-stealing and keylogging components.
The malware serves as a proof-of-concept (POC) of how simple UPnP can be exploited to do something sophisticated. McAfee researchers further describe it as the first malicious program to turn infected PCs into HTTP-based C&Cs.
These HTTP-based machines act as proxy servers to conceal the true Internet Protocol addresses. Pinkslipbot, with an army of over 500K infected PCs, steals over half a million banking details daily.
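For defenders, the UPnP port opening described above leaves port-forwarding entries on the home or office gateway that can be audited. The following is an added example, not code from the article or from McAfee: it parses responses shaped like the UPnP IGD GetGenericPortMappingEntry action and flags forwards that are not on an expected list. The IP addresses, ports, descriptions and the allowlist are constructed sample values.

```python
import xml.etree.ElementTree as ET

# Constructed sample data: SOAP bodies shaped like UPnP IGD
# GetGenericPortMappingEntry responses, as an audit script would collect them.
def _entry(ext, proto, int_port, client, desc, lease):
    return f"""<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>
<u:GetGenericPortMappingEntryResponse xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
<NewRemoteHost></NewRemoteHost><NewExternalPort>{ext}</NewExternalPort>
<NewProtocol>{proto}</NewProtocol><NewInternalPort>{int_port}</NewInternalPort>
<NewInternalClient>{client}</NewInternalClient><NewEnabled>1</NewEnabled>
<NewPortMappingDescription>{desc}</NewPortMappingDescription>
<NewLeaseDuration>{lease}</NewLeaseDuration>
</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>"""

SAMPLE_RESPONSES = [
    _entry(3074, "UDP", 3074, "192.168.1.20", "game console", 3600),
    _entry(443, "TCP", 443, "192.168.1.57", "", 0),
    _entry(8080, "TCP", 80, "192.168.1.57", "", 0),
]

# Hypothetical allowlist: (internal client, internal port, protocol) the site expects.
ALLOWED = {("192.168.1.20", 3074, "UDP")}

def parse_mapping(soap_xml):
    """Return the New* fields of one response as a dict (prefix stripped)."""
    root = ET.fromstring(soap_xml)
    fields = {}
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1]  # drop any XML namespace
        if tag.startswith("New"):
            fields[tag[3:]] = (el.text or "").strip()
    return fields

def audit(responses, allowed=ALLOWED):
    """List enabled forwards that are not allowlisted, with the reasons."""
    findings = []
    for xml_doc in responses:
        m = parse_mapping(xml_doc)
        if m.get("Enabled") != "1":
            continue
        key = (m["InternalClient"], int(m["InternalPort"]), m["Protocol"].upper())
        if key in allowed:
            continue
        reasons = ["not in allowlist"]
        if m["RemoteHost"] == "":
            reasons.append("open to any remote host")
        if m["LeaseDuration"] == "0":
            reasons.append("permanent lease")
        findings.append((int(m["ExternalPort"]), *key, reasons))
    return findings
```

Calling audit(SAMPLE_RESPONSES) returns the two unexpected forwards to 192.168.1.57. A flagged entry is a prompt to check the internal host, not proof of infection.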
» SPAMfighter News - 6/26/2017