WannaCry ransomware shook the healthcare industry and more than 150+ countries around the globe by many estimates. However, as Selena Larson reminds us, cyberattacks don't have to be flashy and well-known. A new invisible exploit, named "AdylKuzz", was discovered a couple of weeks ago.
What is Happening?
Proofpoint describes the symptoms of the potentially large-scale malware as including degradation of PC and server performance and loss of access to shared Windows resources.
This botnet is designed to be controlled remotely and with the ability to create a network of comprised computers,. Uniquely, AdylKuzz can generate the cryptocurrency called "Monero" upon installation. So how does AdylKuzz differ from Wannacry?
Essentially, it remains behind the scenes, silently making money for an anonymous hacker. No files are locked or held for "ransom". It also stops other malware from being deployed.
The Bad News
As reported by Rebecca Campbell, Monero is thought to be so popular within the digital currency space because it offers unique privacy features that make it completely anonymous and almost untraceable.
Though this latest malware seems to come on the heels of WannaCry, AdylKuzz was actually released weeks prior in April.
The Good News
Due to the large number of users affected by WannaCry, many organizations have already applied patches that will prevent infection by AdylKuzz.
Rethink Proper Security Measures
WannaCry and AdylKuzz were not the first, nor will they be the last in the long, yet undetermined line of malware to affect organizations on a global level. And though we previously noted the industries that may be more susceptible to data breaches than others, the ultimate problem companies face is how to not only identify but also respond to zero-day attacks.
Specifically, organizations need tools to help them identify abnormal database activities, file configuration changes, and unauthorized port access to name a few. For a great list, you can refer to Identifying Suspicious Network Changes.
Is it Possible to Protect Against Invisible Malware?
Checking your critical system files, configuration files, registry files and temporary folders for changes can be an arduous task. Finding a change without advanced File Integrity Monitoring tools is close to impossible.
With the help of CimTrak, security professionals gain the ability to identify malicious changes to Windows Registry keys, critical system file contents, and other key hiding places the moment they occur.
Not only can you achieve total oversight, but you can even fully remediate changes!
CimTrak makes invisible malware...visible. Click here to learn more.
May 25, 2017