Proven Exploits, Variable Payloads

Markets influence the choices hackers make in designing exploits and payloads. Ransomware is all the rage until cryptocurrencies rocket up the value chart. As those values recede, ransomware returns to the sexy side of the dark business. Newsweek makes the argument, in a recent story, that ransomware attacks draw more media attention. Maybe that’s because the mining of cryptocurrency is a tougher story to explain. Maybe not.

The article describes Microsoft’s Window Defender engineers detecting malware code — sophisticated trojans — making its way across Russia, Turkey, and Ukraine. Turns out, the culprit was a new variant of Dofoil, also known as Smoke Loader. Used for over a decade, the new Dofoil/Smoke Loader was loaded with coin miner scripts, and the attack spread to more than 500,000 machines in a single day, seeking to establish a mining operation for Electroneum, a new coin.

The Old Is New, And The New Is Threatening

Incredibly, in an age where everything seems to change so rapidly, hackers return to proven methods to deploy the most effective payloads. As your organization tries to grow and manage your business and vulnerability, it can be especially frustrating to keep eyes focused both forwards and backwards.

ICS offers a fresh set of eyes to this predicament. We’ve got a firm grip on the evolution of cyberthreats, and we lean into the edge of threats coming down the pike. If this perspective would enhance your cybersecurity efforts and enable you to sleep better at night, you should call us today.

ISO 9001 2015Technology Industry InnovatorsVeteran Owned Small BusinessCMMI Maturity Level 3CISSP® - Certified Information Systems Security ProfessionalCertified Penetration TesterITIL IT Service ManagementCertified Ethical HackerProject Management Institute CertifiedUS Department of Homeland SecurityDisaster Recovery Institute CertifiedCertified Information Systems Auditor