Nation-backed malware that infected energy firm is 1 of 2016’s sneakiest

Discussion in 'malware problems & news' started by hawki, Jul 13, 2016.

  1. hawki

    hawki Registered Member (Joined: Dec 17, 2008; Posts: 1,957; Location: DC Metro Area)

    "Nation-backed malware that infected energy firm is 1 of 2016’s sneakiest...

    ...The malware contains about 280 kilobytes of densely packed code that, like a ninja warrior, cleverly and stealthily evades a large number of security defenses. It looks for and avoids a long list of computer names belonging to sandboxes and honeypots. It painstakingly dismantles antiviruses one process at a time until it's finally safe to uninstall them. It takes special care when running inside organizations that use facial recognition, fingerprint scanners, and other advanced access control systems. And it locks away key parts of its code in encrypted vaults to prevent it from being discovered and analyzed....."

    http://arstechnica.com/security/201...infected-energy-firm-is-1-of-2016s-sneakiest/
     
  2. hawki

    hawki Registered Member

    "State-sponsored malware targeting energy companies across Europe, says security firm

    Researchers suspect Russian coders are involved in the campaign....

    ...The malware code is encrypted in a way that it is difficult to detect and analyse it. Moreover, the code is capable of not only evading security detection but also disabling and uninstalling antiviruses. Once the code gains administrative privileges, it conducts a thorough survey of the network and reports the findings to its operators and awaits further instructions..."

    http://www.ibtimes.co.uk/state-spon...nies-across-europe-says-security-firm-1570352

    The thought of an all-out cyber-war is truly terrifying.
     