Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Cloud infrastructure exposed by multivector, multi-platform malware attacks prevalent, mass scale

Cloud infrastructure exposed by multivector, multi-platform malware attacks prevalent, mass scale

Persistent malicious attacks exposing cloud infrastructure are the result of a perfect storm combining cryptomining, ransomware and botnet/worms for both Linux and Windows, the Securonix Threat Research Team reported.

“The attack activity described in the report is likely prevalent and mass-scale,” Oleg Kolesnikov told SC Media.

The research Addison, Texas-based Securonix provides further insight into the inner-workings of particularly persistent, not to mention complex, threats to cloud infrastructures.

“Based on what we’ve been seeing in the wild, it has been taking on the order of minutes for new exposed IPs to be compromised by different threat actors using the attack vectors discussed in the report,” said Kolesnikov, who co-authored the report with Harshvardhan Parashar.  

Some Xbash botnet attacks, which emerged a few months ago but has been active since May 2018, target multi-vectors and multi-platforms,while others are “fairly trivial,” involving single-vector/single-platform attacks where the focus is mainly on cryptomining,

Xbash malware infects Linux and Windows systems with the aim of deleting critical databases instead of encrypting them without any functionality to backup/recover the files, while installing cryptojacking scripts and impersonating a ransomware attack.

“We are seeing more and more cases where attackers are leveraging multiple different attack modalities as part of the actions on objectives in the same attack campaign,” Kolesnikov explained, adding that the trend is “becoming part of the norm.” Subsequently, blue teams need to be able to deal with such an attack combination on a daily basis, he added.

From a detection perspective, some attacks have been associated with observed Moanacroner and Xbash behaviors. “But these are not the only attacks that were observed exhibiting the behaviors,” Kolesnikov noted.

“In most cases, the focus of the attacks is on installing a second-stage payload for cryptomining and/or remote access,” the report stated. “In other cases, the malware propagates and infects the exposed services,removes data, and installs second-stage cryptomining and ransomware payloads.”

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket