Detecting Invisible Malware

 

WannaCry ransomware shook the healthcare industry and, by many estimates, more than 150 countries around the globe. However, as Selena Larson reminds us, cyberattacks don't have to be flashy and well-known. A new invisible exploit, named "AdylKuzz", was discovered a couple of weeks ago.

What is Happening?

Proofpoint describes the symptoms of the potentially large-scale malware as including degradation of PC and server performance and loss of access to shared Windows resources.

This botnet is designed to be controlled remotely, with the ability to create a network of compromised computers. Uniquely, AdylKuzz can generate the cryptocurrency called "Monero" upon installation. So how does AdylKuzz differ from WannaCry?

Essentially, it remains behind the scenes, silently making money for an anonymous hacker. No files are locked or held for "ransom".  It also stops other malware from being deployed. 

The Bad News

As reported by Rebecca Campbell, Monero is thought to be so popular within the digital currency space because it offers unique privacy features that make it completely anonymous and almost untraceable.

Though this latest malware seems to come on the heels of WannaCry, AdylKuzz was actually released weeks prior in April.

 

The Good News

Due to the large numbers of users affected by WannaCry, many organizations have already applied patches that will prevent infection by AdylKuzz.  

 

Rethink Proper Security Measures

WannaCry and AdylKuzz were not the first, nor will they be the last, in the long, yet undetermined line of malware to affect organizations on a global level. And though we previously noted the industries that may be more susceptible to data breaches than others, the ultimate problem companies face is how to not only identify but also respond to zero-day attacks.

 

Specifically, organizations need tools to help them identify abnormal database activities, file configuration changes, and unauthorized port access, to name a few. For a great list, you can refer to Identifying Suspicious Network Changes.

 

Is it Possible to Protect Against Invisible Malware?

Checking your critical system files, configuration files, registry files and temporary folders for changes can be an arduous task.  Finding a change without advanced File Integrity Monitoring tools is close to impossible.
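The check described above comes down to recording a baseline of file hashes and comparing later states against it. The following is an added example, not CimTrak's code or method; the function names and the sample tree are constructed for illustration, and it covers files only, not registry keys.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def snapshot(root):
    """Map each regular file under root (relative path) to its SHA-256."""
    state = {}
    for path in Path(root).rglob("*"):
        if path.is_symlink() or not path.is_file():
            continue  # skip links and directories
        try:
            digest = sha256_file(path)
        except OSError:
            digest = "UNREADABLE"  # locked or vanished: still report it
        state[path.relative_to(root).as_posix()] = digest
    return state


def diff(baseline, current):
    """Compare two snapshots and return sorted lists of changes."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }


def demo():
    """Constructed sample tree: baseline it, change three files, diff."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "hosts").write_bytes(b"127.0.0.1 localhost\n")
        Path(root, "svc.conf").write_bytes(b"mode=strict\n")
        baseline = snapshot(root)
        Path(root, "svc.conf").write_bytes(b"mode=off\n")   # modified
        Path(root, "dropped.bin").write_bytes(b"\x00")      # added
        Path(root, "hosts").unlink()                        # removed
        return diff(baseline, snapshot(root))
```

Calling `demo()` returns the three change lists for the constructed tree; in practice the baseline would be stored somewhere the monitored host cannot overwrite.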

With the help of CimTrak, security professionals gain the ability to identify malicious changes to Windows Registry keys, critical system file contents, and other key hiding places the moment they occur.

Not only can you achieve total oversight, you can even fully remediate changes! 

CimTrak makes invisible malware...visible.

 


Jacqueline von Ogden

Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".