New Trojan Installer Designed to Attack Enterprises

In an instance like never before that emphasizes the rapid evolution of threat scenario, security firm Seqrite just thwarted an extremely advanced Trojan installer attacking enterprises to thrust a combination of crypto-mining and ransomware malicious programs. Researchers at Seqrite spotted the variously functioning ransomware at the time they noticed multiple malicious software that unique security solutions of the brand blocked on customers' systems.

The Trojan installer drops ransomware called GandCrab along with the malware that mines Monero crypto-currency on hijacked computers together with more contaminated files as well as scripts. It as well attempts at carrying out different malicious tasks through a connection it establishes with more than 1 C&C (command-and-control) infrastructure. According to Seqrite experts, the aforementioned danger flows from one continuous campaign attacking people for multiple reasons and with multiple malware.

Providing an elaborate account of the finding, Joint Managing Director as well as Chief Technology Officer Sanjay Katkar at Quick Heal Technologies stated that his company had issued more than one alert regarding how crypto-jacking assaults were increasing in number, while discussed about one expected development of the Trojan installer. The Trojan installer's discovery additionally underscores that there should be wider security awareness along with increased security solutions that are robust in nature.

Mr. Katkar additionally stated that his company would keep on examining the malware as well as its different strains so that it could develop increased strong security software for going on safeguarding Seqrite clients from the latest malware.

The new threat is highly sophisticated. Accordingly, the ransomware strain comes encrypted while carrying data that's typically high entropy. Upon downloading it, the ransomware decodes the malware partially along with decoding a particular compressed PE archive. Thereafter the decrypted malware gains control that opens the PE archive inside the computer's memory followed with superimposing it on original process memory. Being the key malicious file the decompressed archive executes further operations upon execution.

Seqrite suggests businesses to adopt strong security software which safeguards systems, networks and endpoints against sophisticated cyber-threats. Moreover, they should routinely assess safety of their IT infrastructure, enforce routine patches and updates, while create employee awareness regarding significance of cyber-security.

» SPAMfighter News - 8/2/2018