1. Home
  2. Security researchers discover malware that infected 90,000 computers worldwide

Security researchers discover malware that infected 90,000 computers worldwide

Agencies
October 8, 2019

Security researchers have discovered that the Smominru malware infected 90,000 machines worldwide during the month of August, with an infection rate of up to 4,700 computers per day.

In its post-infection phase, it steals victim credentials, installs a Trojan module and a cryptominer and propagates inside the network, according to researchers from Guardicore, a data centre and cloud security company.

The botnet uses several methods to propagate, but primarily it infects a system in one of two ways -- either by brute-forcing weak credentials for different Windows services, or more commonly by relying on the infamous EternalBlue exploit, cybersecurity firm Kaspersky said in a blog post last week.

Even though Microsoft patched the vulnerability EternalBlue exploits, which made the WannaCry and NotPetya outbreaks possible, many companies are simply ignoring updates, Kaspersky said.

China, Taiwan, Russia, Brazil and the US have seen the most attacks, but that doesn't mean other countries are out of its scope. For example, the largest network Smominru targeted was in Italy, with 65 hosts infected.

The criminals involved are not too particular about their targets, which range from universities to healthcare providers.

However, one detail is very consistent. About 85 per cent of infections occur on Windows 7 and Windows Server 2008 systems. The rest include Windows Server 2012, Windows XP and Windows Server 2003.

After compromising the system, Smominru creates a new user, called admin$, with admin privileges on the system and starts to download a whole bunch of malicious payloads.

The most obvious objective is to silently use infected computers for mining cryptocurrency (namely, Monero) at the victim's expense.

The malware also downloads a set of modules used for spying, data exfiltration, and credential theft.

On top of that, once Smominru gains a foothold, it tries to propagate further within the network to infect as many systems as possible.

To protect their network, computers, and data from Smominru, users need to update operating systems and other software regularly, Kaspersky said.

It is also important for users to use strong passwords. A reliable password manager that helps you create, manage, and automatically retrieve and enter passwords may help protect you against brute-force attacks.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 16,2020

While Google is still working on a coronavirus screening and tracking website, Microsoft Bing team has already launched a web portal for tracking COVID-19 infections worldwide.

The website, accessible at bing.com/covid, provides up-to-date infection statistics for each country.

The COVID-19 Tracker currently lists 168,835 as total confirmed cases, 84,558 active cases, 77,761 recovered cases and 6,516 deaths.

There are at least 3,244 confirmed cases of novel coronavirus in the US and at least 61 deaths.

"Lots of Bing folks worked (from home) this past week to create a mapping and authoritative news resource for COVID19 info," Michael Schechter, General Manager for Bing Growth and Distribution at Microsoft, was quoted as saying in a ZDNet report on Sunday.

An interactive map allows site visitors to click on the country to see the specific number of cases and related articles from a variety of publishers.

Data is being aggregated from sources like the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and the European Centre for Disease Prevention and Control (ECDC).

Microsoft announced the website two days after US President Donald Trump said Google has begun working on COVID-19-related portal for US citizens.

Google's website is being built by Verily, a subsidiary of Alphabet focused on healthcare services.

"More than 1,700 engineers are currently working on the site", Trump said during a press briefing last week.

The tool will triage people who are concerned about their COVID-19 risk into testing sites based on guidance from public health officials and test availability.

Initially, there was some confusion on Google's coronavirus portal but the company later announced that it is "partnering with the US Government in developing a nationwide website that includes information about COVID-19 symptoms, risk, and testing information."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 14,2020

Social media platform WhatsApp assured the Supreme Court on Wednesday that it will not roll out its payment services without complying with all payment regulations and norms in the country.

A bench headed by Chief Justice S.A. Bobde and comprising Justices Indu Malhotra and Hrishikesh Roy took up the matter through video conferencing. Senior advocate Kapil Sibal, representing the social media platform, said "WhatsApp Inc makes a statement on behalf of his client that they will not go ahead with the payments' scheme without complying with all the regulations in force."

The statement was made during the hearing of a petition seeking a ban on payment through WhatsApp, as it does not conform to the data localization norms. The top court took the assurance made by WhatsApp on record.

WhatsApp made the statement during the hearing of a plea seeking a ban on its payment service, for not being in line with data localization norms.

In 2018, WhatsApp was granted a beta licence to launch its payment service, but a dedicated and separate app is yet to be launched. A petition was moved in the apex court that WhatsApp's existing model for its payments service should be declared inconsistent with the Unified Payment Interface (UPI) Scheme, as a separate dedicated app has not been offered by the company.

The petitioner NGO, Good Governance Chambers, argued that the National Payments Corporation of India (NPCI) and the Reserve Bank of India (RBI) must change its model on the lines of the UPI payment scheme, and its operations may be suspended until these conditions are met.

The apex court today asked the Centre, Facebook and WhatsApp to file their replies within three weeks and it will take up the matter thereafter. The court noted that the government may process the applications filed by WhatsApp in accordance with the law and there is no stay on the same. Facebook was represented by senior advocate Arvind Datar.

The petitioner argued that lapses have been found in relation to WhatsApp's claims of having a secure and safe technological interface for securing sensitive user data.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 17,2020

Bengaluru, Jan 17: India’s latest communication satellite GSAT-30 was successfully launched from the Spaceport in French Guiana during the early hours on Friday.

In a press release, ISRO, has stated that the launch vehicle 'Ariane-5 VA-251' was blasted off from Kourou Launch Base, French Ginana at 0230 hours, carrying India’s GSA-30 and EUTELSAT KONNECT for Eutelasat, as per schedule.

The Ariane 5 upper stage in an elliptical Geosynchronous Transfer Orbit.

With a lift-off mass of 3,357 kg, GSAT-30 will provide continuity to operational services on some of the in-orbit satellites.

GSAT-30 derives its heritage from ISRO’s earlier INSAT/GSAT satellite series and will replace INSAT-4A in orbit.

“GSAT-30 has a unique configuration of providing flexible frequency segments and flexible coverage. The satellite will provide communication services to Indian mainland and islands through Ku-band and wide coverage covering Gulf countries, a large number of Asian countries and Australia through C-band," ISRO Chairman Dr K Sivan said.

Dr Sivan also said that “GSAT-30 will provide DTH Television Services, connectivity to VSATs for ATM, Stock-exchange, Television uplinking and teleport Services, Digital Satellite News Gathering (DSNG) and e-governance applications. The satellite will also be used for bulk data transfer for a host of emerging telecommunication applications.”

ISRO’s Master Control Facility (MCF) at Hassan in Karnataka took over the command and control of GSAT-30 immediately after its separation from the launch vehicle. Preliminary health checks of the satellite revealed its normal health.

In the days ahead, orbit-raising maneuvers will be performed to place the satellite in Geostationary Orbit (36,000 km above the equator) by using its onboard propulsion system.

During the final stages of its orbit raising operations, the two solar arrays and the antenna reflectors of GSAT-30 will be deployed. Following this, the satellite will be put in its final orbital configuration.

The satellite will be operational after the successful completion of all in-orbit tests.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.