General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsA rash of invisible, fileless malware is infecting banks around the globe
Two years ago, researchers at Moscow-based Kaspersky Lab discovered their corporate network was infected with malware that was unlike anything they had ever seen. Virtually all of the malware resided solely in the memory of the compromised computers, a feat that had allowed the infection to remain undetected for six months or more. Kaspersky eventually unearthed evidence that Duqu 2.0, as the never-before-seen malware was dubbed, was derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Irans nuclear program.
Now, fileless malware is going mainstream, as financially motivated criminal hackers mimic their nation-sponsored counterparts. According to research Kaspersky Lab plans to publish Wednesday, networks belonging to at least 140 banks and other enterprises have been infected by malware that relies on the same in-memory design to remain nearly invisible. Because infections are so hard to spot, the actual number is likely much higher. Another trait that makes the infections hard to detect is the use of legitimate and widely used system administrative and security toolsincluding PowerShell, Metasploit, and Mimikatzto inject the malware into computer memory.
"What's interesting here is that these attacks are ongoing globally against banks themselves," Kaspersky Lab expert Kurt Baumgartner told Ars. "The banks have not been adequately prepared in many cases to deal with this." He went on to say that people behind the attacks are "pushing money out of the banks from within the banks," by targeting computers that run automatic teller machines.
more
https://arstechnica.com/security/2017/02/a-rash-of-invisible-fileless-malware-is-infecting-banks-around-the-globe/
BSdetect
(8,995 posts)Who has most to gain from creating a virus?
Or a report about some hard to detect, "invisible" virus?
Just saying. Its likely not just "hackers" who create these virus problems.
is worrisome.
lostnfound
(16,162 posts)That would cause a LOT of chaos.
MineralMan
(146,256 posts)I don't allow it anywhere near my computers.
dalton99a
(81,404 posts)It's safe to assume that Putin had something to do with his phenomenal business success.