Someone is uninstalling the Phorpiex malware from infected PCs and telling users to install an antivirus

January 26, 2020
in Internet Security

Image: Check Point

A mysterious entity appears to have hijacked the backend infrastructure of the Phorpiex (Trik) botnet and is uninstalling the spam-bot malware from infected hosts, while also showing a popup telling users to install an antivirus and update their computers, ZDNet has learned.

The popups started appearing on users’ screens early this morning, US Eastern time, and were spotted by the research team at antivirus vendor Check Point.

Initially, ZDNet and others thought this was a prank coded inside the malware by the Phorpiex team for the purpose of trolling security researchers analyzing the malware.

However, as the hours passed, it became clear that this was actually taking place on customer systems, in the real world, and was not just a popup that was appearing in virtual machines used as malware analysis sandboxes.

“This is truly happening,” Yaniv Balmas, Head of Cyber Research at Check Point, told ZDNet. “We are closely monitoring this malware family and have noticed this behavior started just a few hours ago.”

Balmas listed several theories as to what could have happened — such as the malware operators deciding to quit and shut down the botnet on their own terms, a law enforcement action, a vigilante security researcher taking matters into his own hands, or a rival malware gang sabotaging the Phorpiex crew by destroying their botnet.

Most likely a hijack

“Hijack seems likely based on the track record for the Phorpiex developer,” said a second malware analyst, who declined to have his name used in this article because he was not authorized to speak in his company’s name — another antivirus vendor.

“The Phorpiex developer has some pretty nasty rivals in the botnet game so it wouldn’t surprise me if this is an attack motivated by jealousy or something along those lines,” he added.

“The developer for the Phorpiex botnet is extremely lazy and careless,” the malware analyst said, claiming that he could have also hijacked the botnet in the past due to its simplistic IRC-based command and control mechanism.

Same botnet suffered a data breach in 2018

The Phorpiex malware, which has been active for more than a decade, has suffered security breaches in the past, also due to the malware developer’s carelessness.

In 2018, the Phorpiex developer left one of the botnet’s command and control backend servers exposed online, and security researchers were able to retrieve a list of 43.5 million email addresses that the Phorpiex crew was targeting with spam campaigns.

Phorpiex is one of today’s most active spam botnets. The Phorpiex team operates by infecting Windows computers and using these systems as spam bots to send out massive spam campaigns.

These spam campaigns keep the spam botnet alive, by infecting new PCs with Phorpiex, but they also send out custom spam campaigns on behalf of other cybercrime groups — the method through which the Phorpiex crew makes its money.

Whoever hijacked the botnet today and instructed bots to uninstall themselves has put a serious dent in the Phorpiex gang’s future profits and operations. To give an idea about the size of the profits the Phorpiex crew lost, Check Point previously reported that the same botnet made $115,000 in five months just from mass-spamming sextortion emails.


Credit: ZDNet
