Proven Exploits, Variable Payloads
May 23, 2018
Markets influence the choices hackers make in designing exploits and payloads. Ransomware is all the rage until cryptocurrencies rocket up the value chart. As those values recede, ransomware returns to the sexy side of the dark business. Newsweek makes the argument, in a recent story, that ransomware attacks draw more media attention. Maybe that’s because the mining of cryptocurrency is a tougher story to explain. Maybe not.
The article describes Microsoft’s Windows Defender engineers detecting malware (sophisticated trojans) making its way across Russia, Turkey, and Ukraine. It turned out that the culprit was a new variant of Dofoil, also known as Smoke Loader. Dofoil/Smoke Loader has been in use for over a decade; the new variant was loaded with coin miner scripts, and the attack spread to more than 500,000 machines in a single day, seeking to establish a mining operation for Electroneum, a new coin.
The Old Is New, And The New Is Threatening
Incredibly, in an age where everything seems to change so rapidly, hackers return to proven methods to deploy the most effective payloads. As your organization tries to grow its business and manage its vulnerabilities, it can be especially frustrating to keep eyes focused both forward and backward.
ICS offers a fresh set of eyes to this predicament. We’ve got a firm grip on the evolution of cyberthreats, and we lean into the edge of threats coming down the pike. If this perspective would enhance your cybersecurity efforts and enable you to sleep better at night, you should call us today.