Monday, January 25, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Trojan malware: The hidden cyber threat to your PC

February 7, 2019
in Internet Security
Trojan malware: The hidden cyber threat to your PC
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Cyber criminals are always looking for brand new ways of making money and causing destruction — or, even better, both at once.

The last 12 months have seen a boom in malicious cryptocurrency mining whereby cyber attackers secretly hijack the processing power of computers, servers and even IoT devices and use it to mine for cryptocurrency. While it might not be rapidly lucrative for the crooks involved, it’s stealthy and can be sustained over a long period of time — and most users don’t even know their machine’s processor is being used to line someone else’s pockets.

You might also like

DreamBus botnet targets enterprise apps running on Linux servers

Hacker leaks data of 2.28 million dating site users

This phishing scam left thousands of stolen passwords exposed through Google search

Ransomware takes the opposite approach: pay up, or risk having your files permanently locked, with the WannaCry and NotPetya ransomware attacks causing destruction around the world.

But while cryptojacking and ransomware continue to be widespread threats, other attackers have continued to quietly deploy a potentially much more damaging threat: trojan malware.

As the name suggests, trojan malware sneaks onto your PC by disguising itself as something else, often hidden in a malicious attachment that’s distributed with a phishing email.

Trojan attacks range from those using commodity malware, with phishing emails spammed out in bulk in the hope of scooping up victims for the purposes of stealing their login credentials, banking information or other private information. Other attacks are far more precise, targeting organisations or even individuals to gain access to specific data or information: this can be for creating a persistence presence on their network for espionage, stealing data and selling it, or loading other malware onto the system. 

SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)

It sometimes appears as if trojans have been overlooked when talking about hacking threats, with some seemingly dismissing the malware as old-hat, a dated means of attack. However, a recent report from security company Malwarebytes reveals how trojans and backdoor attacks have rocketed in the past year.

“We’re seeing a new generation of stealers make an impact recently,” says Jérôme Segura, head of threat intelligence at Malwarebytes. 

“Their code base is often inspired by legacy malware — either as a plain copycat or a fork — and their stealing capabilities go beyond typical form grabbing or password scraping. For example, these days you might see stealers looking for cryptowallets or perhaps target two-factor authentication software.” 

Gaining persistent remote access — be it to a single user’s computer, or a whole network — is key to many cyber attacks: if they’re stealthy enough, hackers can remain undetected for a long time, as they work towards their long-term goals.

It’s why Emotet banking trojan is one of the most active malware threats. Not only does this prolific information-stealer have the capabilities for stealing data, monitoring traffic and secretly moving laterally through networks, it can also drop other trojans onto compromised systems.

However, what started life as a banking trojan has expanded its operations and now it’s frequently targeting businesses in attempts to collect whatever login credentials and data it can — potentially exploiting it in an effort to get hold of intellectual property and business secrets.

“Emotet is still rampant against UK organisations and probably globally. They continue to do it, so there must be some success,” says Adrian Nish, head of threat intelligence at BAE Systems.

“Many mid-sized and large organisations are targeted by Emotet on a daily basis — not successfully, but they’re receiving reasonably targeted phishing emails leveraging information about the organisation.”

Less sophisticated cyber criminal operations attempting trojan malware campaigns are likely to rely on spray-and-pray tactics, sending out vast swathes of emails in the hope that perhaps just a small handful of people open the message and run the malicious executable inside. These attacks are likely to be more focused on stealing bank details and personal information.

However, more sophisticated, customised campaigns operate with a specific target in mind: they could be looking to infiltrate the network of a particular organisation, they could even be looking to infiltrate a particular department, perhaps even with a specific individual in mind.

The sheer number of data breaches which have occurred over the years have made discovering email addresses, even passwords, easier than ever for cyber criminals. That data can be used to tailor phishing emails to have the highest chance of looking legitimate and being opened. Users may ignore a message from an unrecognised address, but if it looks as if that message has come from a co-worker or even their boss, they’re much more likely to do what the message says.

At the very top of the cyber chain, malicious trojans are built with huge budgets behind them, with nation-states funding the development of this software in order to conduct espionage on other nations, infrastructure, private industry and more.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

Those developing these tools are therefore the cream of the crop and know exactly what they need to do to bypass security software, they have the money, time, and resources to do so — and could potentially do a lot of damage.

“Each and everyday, these guys are tasked with one single thing: to make sure they don’t get detected by security solutions and come up with new ways of bypassing sandboxes and detention environments,” says Liviu Arsene, senior e-threat analyst at security company Bitdefender.

“They have the same security skills as we do and an intimate knowledge of how the security industry analyses malware samples.”

So despite the potent nature of trojans, why aren’t they talked about as much as other threats like ransomware? It might be the precisely targeted nature of some of these attacks. That means some of the more dangerous trojans are simply seen as something that doesn’t need to be worried about because they’re not widespread, only going after small numbers of victims — but that’s not a healthy attitude to take.

“They fly under the radar because they don’t necessarily have a huge pool of victims and it isn’t as necessarily as funky as when you infect thousands of users. If you find a trojan that’s really interesting, you’ll probably only find it infecting a handful of victims — five, ten, maybe 15 victims. That’s not usually a sexy topic,” says Arsene.

But a potent trojan has the power to do colossal amounts of damage in in the hands of a sophisticated attacker. No wonder cyber criminals are so interested in them again.

READ MORE ON CYBER CRIME

Credit: Source link

Previous Post

IMS to Unveil Prototype Imaging Machine Learning Platform at HIMSS19 - Imaging Technology News

Next Post

Nasdaq-Listed New Relic Acquires Machine Learning Startup SignifAI

Related Posts

DreamBus botnet targets enterprise apps running on Linux servers
Internet Security

DreamBus botnet targets enterprise apps running on Linux servers

January 25, 2021
Hacker leaks data of 2.28 million dating site users
Internet Security

Hacker leaks data of 2.28 million dating site users

January 25, 2021
This phishing scam left thousands of stolen passwords exposed through Google search
Internet Security

This phishing scam left thousands of stolen passwords exposed through Google search

January 24, 2021
This new ransomware is growing in strength and could become a major threat warn researchers
Internet Security

Ransomware is now the biggest cybersecurity concern for CISOs

January 24, 2021
MrbMiner crypto-mining operation linked to Iranian software firm
Internet Security

MrbMiner crypto-mining operation linked to Iranian software firm

January 24, 2021
Next Post
Nasdaq-Listed New Relic Acquires Machine Learning Startup SignifAI

Nasdaq-Listed New Relic Acquires Machine Learning Startup SignifAI

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

How to Change the WordPress Admin Login Logo
Learn to Code

JavaScript Wake Lock API

January 25, 2021
DreamBus botnet targets enterprise apps running on Linux servers
Internet Security

DreamBus botnet targets enterprise apps running on Linux servers

January 25, 2021
Tracking Pen Testing Trends and Challenges
Internet Privacy

Tracking Pen Testing Trends and Challenges

January 25, 2021
All You Should Know About Data Security in 2020/2021
Data Science

All You Should Know About Data Security in 2020/2021

January 25, 2021
AWS Machine Learning Specialty Online Course
Machine Learning

AWS Machine Learning Specialty Online Course

January 25, 2021
Beware — A New Wormable Android Malware Spreading Through WhatsApp
Internet Privacy

Beware — A New Wormable Android Malware Spreading Through WhatsApp

January 25, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • JavaScript Wake Lock API January 25, 2021
  • DreamBus botnet targets enterprise apps running on Linux servers January 25, 2021
  • Tracking Pen Testing Trends and Challenges January 25, 2021
  • All You Should Know About Data Security in 2020/2021 January 25, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates