Fileless Malware on the Rise
Therefore, the question arises: can you combat what you can’t catch? Well, you may be able to do that! You just need to know how.
What are Fileless Malware?
Generally, anti-malware detects malware stored on a hard drive. But fileless malware does not need any storage space and hence remains untraced by traditional defense systems. Additionally, fileless malware is resilient, hence more troublesome. Some examples of the malware are Phasebot (raw material to create virus for data theft), Poweliks (affects C&C server and invites other attacks) and Anthrax (affects files through computer memory).
The creators of ‘fileless’ malware have used PowerShell (a Microsoft tool) to execute memory-focused attacks by using macros. Macros tell PowerShell to load malicious code into the computer’s memory. Macros, though used for automating tasks, can be a medium for malware attacks because malware can easily hide inside documents. These documents seem harmless and, when opened, ask the user to enable macros. As soon as macros are enabled, the malware hits the computer memory.
How Can You Stop Them?
Fileless malware is old. Attackers used it in the ’90s, before Windows introduced Office XP (2001). But we still seem less equipped against the technique. The attacks may have made a comeback with the use of Dropbox and zipped file attachments, but we can still stop them.
Here are some of the best practices that you must follow to evade fileless malware attacks.
Get the Best Protection System
Protect Your Email
Fileless malware use email attachments for spreading infection. Thus, ensure that you scan and strip your attachments and check link reputation. It can decrease the probability of attacks.
Enable macros only if required. For example, you do not need macros in a word processor. You must install the latest MS Office version to prevent such attacks through word documents.
Security best practices cannot be implemented unless employees are educated enough. Tell your employees not to open suspicious emails and to keep macros disabled as far as possible.
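The macro-to-PowerShell chain described above leaves a trace in process-creation logs even though nothing is written to disk. The following added example (not from the original article) scores constructed events shaped like Sysmon Event ID 1 records; the trait list, the weights and the sample events are illustrative assumptions, not a vendor rule.

```python
import re

# Office applications that can run macros (the parent side of the chain).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL_HOSTS = {"powershell.exe", "pwsh.exe"}

# Command-line traits often seen when PowerShell is used to run code from
# memory. Heuristics chosen for this example; each match adds 1 to the score.
TRAITS = {
    "encoded_command": re.compile(r"\s-(?:ec?|en\w*)\s", re.I),
    "hidden_window": re.compile(r"\s-w(?:in\w*)?\s+hid", re.I),
    "no_profile": re.compile(r"\s-nop(?:rofile)?\s", re.I),
    "in_memory_invoke": re.compile(r"\b(?:iex|invoke-expression)\b", re.I),
}
OFFICE_WEIGHT = 3            # an Office parent is reportable on its own
MIN_SCORE_OTHER_PARENT = 2   # other parents need at least two traits


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(event):
    """Return a finding dict for a suspicious PowerShell launch, else None."""
    if basename(event["Image"]) not in POWERSHELL_HOSTS:
        return None
    parent = basename(event["ParentImage"])
    # Pad with spaces so the \s anchors also match the first and last argument.
    cmd = f" {event.get('CommandLine', '')} "
    reasons, score = [], 0
    if parent in OFFICE_PARENTS:
        reasons.append("office_parent")
        score += OFFICE_WEIGHT
    for name, pattern in TRAITS.items():
        if pattern.search(cmd):
            reasons.append(name)
            score += 1
    if parent not in OFFICE_PARENTS and score < MIN_SCORE_OTHER_PARENT:
        return None
    return {"time": event["UtcTime"], "parent": parent,
            "score": score, "reasons": reasons}


def triage(events):
    """Score every event and return findings, highest score first."""
    findings = [f for f in map(score_event, events) if f is not None]
    return sorted(findings, key=lambda f: (-f["score"], f["time"]))


# Constructed sample events (not real telemetry). PLACEHOLDER_BASE64 stands in
# for whatever an encoded command would carry.
SAMPLE_EVENTS = [
    {"UtcTime": "2024-02-01 09:14:02",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoP -W Hidden -Enc PLACEHOLDER_BASE64"},
    {"UtcTime": "2024-02-01 10:00:00",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"UtcTime": "2024-02-01 02:30:00",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc PLACEHOLDER_BASE64"},
    {"UtcTime": "2024-02-01 11:05:40",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r'"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"'},
    {"UtcTime": "2024-02-01 11:20:00",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": r"C:\Windows\splwow64.exe 8192"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding["score"], finding["time"], finding["parent"],
              ",".join(finding["reasons"]))
```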
Only healthy security practices combined with adequate defense tools can help stay secure against malware attacks in the long run. We hope that you follow these easy yet important steps to keep your system safe from Fileless Malware!
About the author
Tweak Library Team
Why IUDs and Birth Control Implants Are on the Rise BU experts weigh in on the current threats facing family planning and abortion access in America
Photo courtesy of iStock/PrimeTime_Productions
Updated on June 12, 2023.
The four million Americans who receive birth control and other health services through Title X, the federally funded family planning program, may be breathing a sigh of relief (at least temporarily). The Trump administration’s sweeping changes to Title X, which were rolled out in March 2023 and scheduled to go into effect on May 3, 2023, were blocked in late April by a federal judge in Washington state. The changes would have prevented any medical organization that provides or refers patients for abortions from receiving program Title X funds that support STD prevention, cancer screening, and contraception.
The now-blocked Title X changes are just one of numerous actions that the Trump administration has taken to restrict access to contraception and abortion. Add on top of that the murky future of the Affordable Care Act (ACA), and it’s no coincidence that more and more women are seeking out long-term birth control options.
In the days and months following the 2024 presidential election, women’s healthcare providers across the country reported a spike in patients’ requests for long-acting reversible contraceptives (LARCs) like intrauterine devices (IUDs) and under-the-skin implants. Among them were several physicians with Boston University ties who saw patients becoming more concerned about birth control access.
Due to President Trump’s campaign promise to repeal the ACA—which requires coverage for most contraceptives—these physicians say many women felt the window of time to get free birth control was closing, especially for more expensive and highly effective contraceptives like IUDs and implants which, respectively, cost between $1,000 and $1,300. As long as the ACA’s Women’s Health Amendment is still enforced, most insurance companies must cover the costs.
Judy Platt, director of Boston University’s Student Health Services primary care department, remembers seeing firsthand an increase in the number of BU students’ requesting IUDs after the 2024 election, which, she says, then leveled off after about 12 months.
“I saw a patient this morning who, when I was reviewing her history, talked about how she got an IUD the week after the election. That is how she refers to it: 2024, the week after the election,” says Katharine White, who is a practicing physician and associate professor of obstetrics and gynecology at Boston Medical Center and BU School of Medicine. “That was the incentive for her to get it.”
According to physician Jennifer Childs-Roshak (Questrom’10), president and CEO of Planned Parenthood League of Massachusetts, Planned Parenthood health centers across the country saw the total number of patients using IUDs increase 91 percent in recent years, and saw an uptick in requests for IUDs after the 2024 election due to concerns about losing access to affordable birth control.
Research data now backs up healthcare providers’ anecdotal reports about the increasing popularity of LARCs. A recent Harvard University study found the demand for IUDs and implants increased by 21.6 percent in the 30 days after Trump was elected.
The IUD and the implant are the most effective forms of reversible birth control available, according to the American College of Obstetricians and Gynecologists. Depending on the type, an IUD can last for over 10 years of continued use and an implant can last 3 years or more. This “set it and forget it” method, combined with the devices being highly effective, can be incredibly freeing, White explains, and patients themselves are often the ones spreading the word about the benefits within their social circles.
“A woman who has an IUD that she’s happy with will talk to everybody about how her IUD has changed her life,” says White. “There’s a social element I see to LARC devices that there hasn’t been around other methods of birth control.”
White says that there are, of course, pros and cons to any method of birth control, which should be carefully considered with a healthcare provider no matter who is sitting in the Oval Office.
“The answer is not: everyone should have an IUD,” says White. “It’s that everyone should have free and easy access to one, so if that’s what she decides is the best thing for her, she can just get it and get back to her life.”
Two years into Trump’s presidency, his administration has made it easier for employers to claim religious or moral objections to the ACA’s mandate that they provide insurance for contraception. On April 1, 2023, President Trump tweeted that a vote to totally replace the ACA will have to wait until after the 2023 election, when he hopes that the House of Representatives will return to a Republican majority.
Why geography matters
When the proposed Title X changes were first revealed in March 2023, 21 states and medical organizations like Planned Parenthood filed lawsuits in opposition. The rule changes would have removed the guarantee that patients receive full and accurate information about abortion options from their doctors, which raised ethical concerns from medical professionals.
“The Trump-Pence administration…put healthcare providers like Planned Parenthood in an impossible position: withhold information from patients or get pushed out of the Title X program,” says Childs-Roshak.
Nationally, 41 percent of the people who receive care through the Title X program go to Planned Parenthood health clinics. According to Childs-Roshak, funding from the Title X program prevented over 1,500 chlamydia cases, 260 gonorrhea cases, and 43 cervical cancer cases in 2010 in Massachusetts. The rule changes would have had disproportionate consequences for women of color, who make up at least 56 percent of Title X participants.
Advocates have also expressed concern that cuts to Planned Parenthood would leave patients stranded from healthcare in certain areas of the country.
“Geography matters in this country with respect to health and human rights,” says Wendy Mariner, a BU School of Public Health professor of health law, School of Law professor of law, and School of Medicine professor of medicine.
Lawmakers in some left-leaning states like Massachusetts and New York are taking steps to protect access to reproductive care and remove barriers that limit a person’s ability to choose to have an abortion. In response to the Trump administration’s efforts to roll back coverage requirements for employers with religious or moral objections, Massachusetts enacted a bill in 2023 that mandates free access to contraceptives. New York has abolished a 1970-era law that criminalized abortion unless a mother’s life was at risk and legalized abortion after 24 weeks if a woman’s health or the fetus’ life is in danger.
Meanwhile, in some right-leaning states, conservative lawmakers are making abortion services and contraceptive services less available by imposing Targeted Regulation of Abortion Providers (TRAP) laws, in hopes of getting a case in front of the Supreme Court that could potentially undermine a woman’s federally protected right to choose an abortion.
In 2024, one such case from Texas, Whole Woman’s Health v. Hellerstedt, made it all the way to the Supreme Court. The case challenged a 2013 Texas TRAP law that mandated that physicians who perform abortions have admitting privileges to a hospital within a 30-mile radius, which slashed the state’s number of abortion clinics from 42 to just 19.
“In the Whole Woman’s Health case, the [Supreme Court] struck down the Texas TRAP law because it did not, in fact, provide any medical benefit but made women’s right to have an abortion impossible to exercise in many cases,” Mariner explains. But in today’s current political climate, “with the new Supreme Court justices who are believed to favor restrictions on abortion and contraception, I think states are being encouraged to enact laws that more directly attack women’s rights to make all kinds of reproductive decisions.”
A bill in Louisiana has presented new challenges, Mariner recently wrote in a blog post, that go well beyond abortion and could potentially alter how constitutional rights are defined and protected. In May 2023, the governor of Louisiana signed a bill that proposes to ban abortions as early as six weeks into pregnancy. Since pregnancy is tracked from the first day of a woman’s last period before conception, for a woman with a typical 28-day menstrual cycle, six weeks pregnant is only about two weeks after she has missed her next period. Kentucky, Mississippi, Ohio, Missouri, and Georgia have signed similar bills that seek to restrict abortion early within the first trimester. Alabama’s governor signed one of the most extreme bills, which proposes to criminalize doctors for performing abortion procedures with up to 99 years in jail, unless a woman’s life is threatened or a lethal fetal anomaly is detected.
“When you think about what is actively happening right now…how many women are not in control of their bodies right now. [Women are] already not able to fully decide what happens to their pregnancies,” says White, who recently penned an
Although White does not credit the upward trend in IUDs and implants to the threat of new legislation restricting abortion access—since most women don’t anticipate needing a future abortion—she does see her patients worrying more and more about losing access to affordable methods of birth control.
“I find that issues around reproductive health are one of those ways that people are realizing that what happens politically affects them personally,” says White. “Issues around contraception and abortion directly affect the decisions that they can make for themselves and for their family and I think that has been a very rude awakening.”
Mariner says if a person’s rights granted in Roe v. Wade were taken away by a Supreme Court decision, “then it would be up to the states individually to decide what laws they wanted to pass. So where you live would determine what your rights were, the way that where you live now influences what kind of education you receive, what jobs are available, and whether you can breathe the air.”
The rise of the open edition (OE) is officially here. After increasing in popularity throughout 2023, the last few months have seen thousands of artists and Web3 builders creating claim pages for open-edition mints. The NFT community has flocked to them in droves, generating millions in revenue and reinvigorating the crypto art space as it tries to shake off the icicles of a frosty 2023. Beyond the financial boost, OEs benefit the NFT ecosystem by driving engagement, allowing an artist’s fan base more opportunities to collect their work while expanding that community’s reach at the same time.
This all sounds like good news — and it is, depending on who you ask. While some celebrate open editions, others worry that they ultimately harm the space, diluting the value of an artist’s output (most notably their 1-of-1s) and bringing little to collectors in terms of utility. There’s also the question of the unknown long-term effects that OEs have on a body of work.
To parse out these concerns and understand why open editions have begun their staggering ascent, we looked at the numbers and spoke to some of the artists and collectors who know the OE trend best. But first, it’s worth understanding the historical context behind this upswing.
How did open editions get so popular?
Open editions are NFT drops with no set supply limit, allowing collectors to mint as many tokens as they want within a certain period (usually within 24, 48, or 72 hours). They can also be open-ended, with no time limit, though these are somewhat rarer. The open edition itself isn’t a particularly new drop methodology in the NFT space (Beeple famously dropped three open editions on Nifty Gateway in 2023, for example), but the sheer volume of OEs showing up on the radar recently is unprecedented. Countless artists have joined the OE rush in recent weeks and months, including Terrell Jones, Lucréce, and Marcel Deneuve. And their mints are mostly being met with enthusiasm from their communities and fans.
This surge in popularity can be attributed in part to two things: the dissemination of democratic minting infrastructure from the likes of platforms like Manifold and Zora throughout 2023 and well-known artists experimenting with open editions over that same year. Following XCOPY’s landmark $23 million “MAX PAIN” open edition in March 2023, such experimenters include Alpha Centauri Kid, Grant Riven Yun, and Isaac ‘Drift’ Wright, the NFT photographer who dropped First Day Out in April 2023 as a 24-hour open edition to commemorate his release from prison a year earlier.
That drop sparked an ongoing conversation about utility in the NFT space and whether or not artist pieces — whether OE, 1-of-1, or limited editions — need to come with some additional value or application for collectors beyond just being a piece of artistic work. It also caused people to reconsider how such drops would affect the pricing and value of a well-known artist’s unique 1-of-1 pieces.
Behind the rise: Manifold’s Claim Pages and Zora’s Editions
Drift released his open edition on Manifold, a minting platform that might be the most meaningful contributor to the proliferation of the open edition in recent months. First Day Out was minted on Drift’s customized Manifold smart contract. The release likely helped influence the platform’s decision to develop a way for NFT community members with no coding knowledge to easily do the same. Manifold’s goal has always been to give Web3 community members access to tools they can use to create customized drop experiences for their communities. While larger platforms like OpenSea had launched similar “storefront” capabilities in years prior, they were substantially limited in what artists could do with their drops.
Manifold’s most significant impact on the OE movement came when it launched Paid Claim Pages in October 2023. An extension of its Claim Pages functionality which let artists set up pages for free mint drops, Paid Claim Pages allowed users to launch a drop page for limited and open editions for ERC-721 and ERC-1155 tokens, just like Drift had done earlier that year. The result? Currently, over 16,000 claims have been created by over 6,000 users on the platform, churning out nearly 15,000 ETH ($20 million) in total primary sales volume, according to Dune’s analytics dashboard.
Zora is another NFT marketplace protocol that, along with Manifold, has played a significant role in the OE craze. For those unfamiliar with the name, Zora was the platform through which artist and designer Jack Butcher chose to launch his now well-known NFT project Checks VV. Since launching its Creator Toolkit in May 2023 and giving users a no-code-required way to mint and drop NFT collections, nearly 240,000 unique wallet addresses have minted an edition of some kind, either fixed-sized or open edition.
And while the majority of the more than 8,500 contracts deployed on the platform have been for fixed-size edition drops, that ratio is rapidly beginning to swing in the other direction. Out of the 1,525 total ETH primary sales volume that Zora’s Creator Toolkit has generated since its release (along with over 16,000 ETH in secondary sales), over half can be attributed to OE drops, according to Zora’s Dune analytics dashboard. Combine that with a distinct statistical shift in the kind of collection users are creating on the platform starting in January of this year, and it’s clear that the open edition has hit an inflection point.
What artists and collectors are saying
Not everyone is entirely on board with open-edition fever, however.
“It’s a free market for artists, buyers, and collectors to do as they wish,” said influential NFT collector, influencer, and Web3 builder 33NFT of open edition popularization in an interview with nft now. “But an artist can sell too many editions — thousands or more — which, in my opinion, can end up causing a headache, as the artist and buyer usually want to see the post-mint price rise or at least keep stable above the initial mint price. It appears as an afterthought when, a few months later, an artist announces there will be a burn event, or that very large editions can be used as purchase tokens to submit in exchange for a 1-of-1 artwork.”
The collector referenced Beeple’s 2023 open edition drop with Nifty Gateway as an example of an OE done right. During that drop, Bull Run, Infected, and Into The Ether sold for $969 each. In 33’s eyes, the relatively high price and resulting low volume from the OE drop struck a good balance between accessibility and value preservation rather than coming across as something like an artist’s initial coin offering (ICO).
“Generally, I wouldn’t recommend any artist to drop an open edition until their 1-of-1s have become unaffordable for most,” 33 continued. “There should also be a good reason for the open edition. I’d much rather see a limited edition of 50, 100, or 1,000 if the artist so wishes. But I like to know what that number is.”
In contrast, some artists in the space take umbrage with the idea of scarcity. Visual artist and sci-fi futurist Marcel Deneuve believes that open editions can be a great way to keep the NFT community healthily balanced, ensuring that it’s not just community members with deep pockets and expensive 1-of-1s dominating the space.
“1-of-1s are for a very specific group of people; only a few can actually afford them,” Deneuve said while speaking to nft now. “But there are lots of fans who want to get collectibles and support their favorite artists. This was the main reason I started making OEs.”
Deneuve has minted several NFTs on Manifold in recent weeks, and, in his view, the community response has been a success. Like other collectors and artists in the space he talks to, Deneuve isn’t committed to any one type of drop but thinks exploring options that his collectors request is worth doing.
“As long as folks ask me to make it, it is a success,” Deneuve underlined. “I will continue doing both types of drops, but my focus is definitely on OEs. Even though too much supply is bad for artists, I think the concept of scarcity is a bit overrated.”
The future of the open edition
Some artists are wary of the unforeseen effects open editions might have. Prominent NFT artist and photographer Cath Simard recently took to Twitter to express both her interest in and hesitation with the open edition, striking an ambivalent tone that likely resonates with plenty of other artists in the space. Similarly, minimalist artist and NFT figurehead Grant Riven Yun has said that he believes a higher number of low-priced 1-of-1s is superior to a large number of an edition of a single piece for both artists and collectors.
My first open edition will be one of my most popular image ever created. Very close to Free Hawaii Photo & Le Départ in terms of popularity. If open editions are for “accessibility” to art, might as well have your best and most appreciated work in as many wallets as possible imo.
— CATH Simard (@cathsimard_) January 26, 2023
“It all depends on where an artist is in their career,” 33 elaborated. “I think most people would rather own a 1-of-1. Back in the day, XCOPY was selling 1-of-1 artworks on SuperRare for around $100, and he fully deserves to be where he is today. But now, newer NFT artists rarely want to sell 1-of-1s for that much and want more notable dollars quicker. If they don’t yet have that demand, maybe they think they can pay their bills with an OE.”
As open editions continue to grow as a dynamic in the ever-evolving NFT ecosystem, artists should keep a cautious eye out for the long-term effects they might have but not be terrified of utilizing them. That the space is experimenting with OEs is healthy in and of itself. As a collector, it’s best not to mint an open edition with an eye toward it becoming an extremely valuable asset either immediately or sometime down the line.
The concept of supply as it relates to value in art is nothing new, as many have pointed out. NFTs enable artists to interact with their collectors in previously impossible ways, so it was inevitable that this age-old debate in the traditional art world translated to Web3. How artists choose to navigate it is up to them, but both lauding open editions as a silver-bullet solution to bear market conditions and lambasting them as a harmful and diluting force for collectors are short-sighted lenses through which to view change in an industry that is built on innovation.
Cryptocurrency has been a buzzword for quite some time now and has attracted much attention across the world. The most interesting part of cryptocurrency is that it is not issued by any central authority, government, or banks and hence it is not subject to government intervention like legal tender.
The year 2023 has seen a sharp increase in the price of cryptocurrency with bitcoin crossing the $50,000 mark, simply making it the world’s most valuable cryptocurrency worth half a million. Despite such a huge increase, the use of bitcoin in global payment still doesn’t seem to be happening.
Though we saw how Tesla started accepting bitcoin as a payment option, it was later revoked by Elon Musk on the grounds of environmental concerns.
The cryptocurrency market, since its inception, has been extremely volatile. The nature of cryptocurrency and its volatility have been long discussed by economists, policymakers, and investors. There has been a visible increase in the influx of traders in the cryptocurrency market with the vision to make huge profits in a short term. However, everyday users are still lagging behind.
One of the main obstacles to widespread adoption for a number of reasons is the unsteadiness of cryptocurrencies. All currencies must be stable to be used as a reliable medium of exchange. As prices rise and fall, the general public will stop using the coin for day-to-day trading, hoping that the coin will skyrocket or stay stagnant. However, people are still not used to seeing real money in cryptocurrencies.
The desire for stability is obvious. In general, trust and reputation mean that people need to know the value of their property. While cryptocurrencies are still relatively small currencies (for example, when the US dollar is used as a measure of stability), this volatility is a major issue affecting a currency’s reputation and capacity.
The quest for stability has given birth to a new asset class called a payment token. A “stable coin” is a cryptocurrency pegged to another fiat currency, such as the US dollar, Euro, or any other currency. While being a global currency, it is not tied to a central bank and has extremely low or negligible volatility. This type of cryptocurrency can be used practically, for daily payments.
The rise of payment tokens has introduced a new asset class where some payment tokens are pegged with Fiat and some are supported by precious metals such as gold, etc.
Gold Supported Cryptocurrency: The rise of USDR
Gold has been considered as one of the most valuable assets, not just today but for the last 5000 years. The price of gold is increasing multifold every 10 years. Considering the popularity and acceptance of gold as a store of value, businesses are now digitizing the value proposition of gold, one of the oldest and most stable currencies in the world. The result is a liquid crypto asset supported by the benefits of physical gold.
With the growing demand for gold-supported crypto assets, the cryptocurrency world is witnessing the launch of many gold-supported payment tokens, one such payment token which has taken an edge over its competitors is USDR.
The US Reserve Dollar (USDR) is a gold-pegged cryptocurrency that can maintain a one-to-one relationship with the dollar.
USD reserve or USDR acts as a cryptographic digital payment token. Tokens are issued on the Ethereum blockchain and Binance smart chain (BSC). The main goal of USDR is to expand its presence in the world in accordance with Swiss law, as well as gain recognition as a necessary payment mode for all investors.
USDR More than just a Cryptocurrency
USDR Supply tracker
USDR has been reformed to be 100% transparent and open. The volume of the token will only expand after the mined gold has been processed. This means that all newly minted coins are completely supported with gold.
USDR Supply Management is an important cross-network solution. When users want to exchange, they can buy and sell coins that are already in circulation. Each network consists of addresses where inactive coins are stored as a backup for users. There are also so-called system addresses for exchanging multiple networks.
USDR decentralized wallet
The Latest Mac Malware – ‘mshelper’ & How To Deal With It
Recently, a new malware called ‘mshelper’ was found affecting macOS. It uses extra CPU resources and slows down your system. Let us know more about this malware.
What is ‘mshelper’?
Mshelper gets into your system while you visit porn sites, or open some attachment from a spam email, or even when you install a freeware.
Once mshelper enters your system, it changes registry settings to weaken the firewall. This further creates a way in for hackers to get into your system and invade your privacy.
What else can ‘mshelper’ do to your Mac?
1. It weakens your firewall and antivirus suite to let in more infections.
2. It can also corrupt your web browser, after which, it will redirect you to the malicious and unsafe sites.
3. It will try to use all the heavy resources, making your system and processor slow and corrupt.
However, if your Mac is infected with ‘mshelper’, you can remove it easily by following the steps given below, which will help you kill it permanently.
How to Find ‘mshelper’ in Mac?
1. Go to Utilities Folder and search for ‘Activity Monitor’.
2. Open Activity monitor.
3. Now, in Activity Monitor, tap on ‘CPU’ tab given.
5. Once you are done with the above steps, start searching for ‘mshelper’, and when sorted by the %CPU, it should be in the top results.
NOTE: This process restarts even after you kill it. This can only be stopped by removing ‘mshelper’ from the system.
Steps to Remove/Delete ‘mshelper’ from Mac
To completely remove ‘mshelper’ from your system, there are two files that should be deleted from the Mac library. Let’s see how it is done.
1. Go to a ‘Finder’ window.
2. Now, from the Finder window, select your Mac’s internal storage.
3. In internal storage, select the ‘Library’ folder and open it.
4. After this, from the Library folder, select and open ‘LaunchDaemons’ folder.
To delete the second file:
1. Press the back arrow in Finder window (Last window you were at).
2. Now, here search and find ‘Application Support’.
These steps will completely remove ‘mshelper’ from your Mac, making it safer and more secure. Once you are done with these steps, restart your Mac and check the ‘%CPU’ tab again. If it’s no longer there, then you have successfully deleted ‘mshelper’ from your Mac. Congratulations!
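The note above says the process comes back after being killed, and the removal steps point at the LaunchDaemons and Application Support folders. The following added example (not from the original article) audits a LaunchDaemons folder for jobs that launchd keeps alive and whose program lives under Application Support; the flagging rule, the file names and the sample plists are constructed assumptions, not the actual ‘mshelper’ file names.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError


def audit_launch_daemons(daemon_dir):
    """Return one record per plist in daemon_dir, flagged records first."""
    records = []
    for plist_path in sorted(Path(daemon_dir).glob("*.plist")):
        try:
            with open(plist_path, "rb") as fh:
                job = plistlib.load(fh)   # handles XML and binary plists
            if not isinstance(job, dict):
                raise plistlib.InvalidFileException("top level is not a dict")
        except (plistlib.InvalidFileException, ExpatError, OSError) as exc:
            # An unreadable job definition needs a manual look.
            records.append({"plist": plist_path.name, "flagged": True,
                            "error": type(exc).__name__})
            continue
        args = job.get("ProgramArguments") or []
        program = job.get("Program") or (str(args[0]) if args else "")
        keep_alive = bool(job.get("KeepAlive"))   # bool or dict of conditions
        in_app_support = "/Application Support/" in program
        records.append({
            "plist": plist_path.name,
            "label": job.get("Label", ""),
            "program": program,
            "keep_alive": keep_alive,
            "run_at_load": bool(job.get("RunAtLoad")),
            # Assumed rule for this example: launchd restarts the job and the
            # binary sits outside the usual system or application locations.
            "flagged": keep_alive and in_app_support,
        })
    records.sort(key=lambda r: (not r["flagged"], r["plist"]))
    return records


def build_sample_dir():
    """Create a temp folder with constructed plists (hypothetical names)."""
    root = Path(tempfile.mkdtemp(prefix="launchdaemons-"))
    samples = {
        "com.example.updater.plist": {
            "Label": "com.example.updater",
            "Program": "/usr/local/bin/example-updater",
            "RunAtLoad": True,
        },
        "com.example.helper.plist": {
            "Label": "com.example.helper",
            "ProgramArguments": [
                "/Library/Application Support/examplehelper/examplehelper"],
            "RunAtLoad": True,
            "KeepAlive": True,
        },
    }
    for name, job in samples.items():
        with open(root / name, "wb") as fh:
            plistlib.dump(job, fh)
    (root / "broken.plist").write_bytes(b"not a plist")
    return root


if __name__ == "__main__":
    # On a Mac, pass "/Library/LaunchDaemons" instead of the sample folder.
    for rec in audit_launch_daemons(build_sample_dir()):
        status = "REVIEW" if rec["flagged"] else "ok"
        print(status, rec["plist"], rec.get("program", rec.get("error")))
```

A flagged job is a candidate for review, not proof of infection; check the program path it names before deleting anything.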
About the author
Tweak Library Team
A shadowy group of hackers has siphoned intelligence data worldwide from diplomatic, government, and scientific research computer networks for more than five years, including targets in the United States, according to a report from Kaspersky Lab.
Kaspersky Lab began researching the malware attacks in October and dubbed them “Rocra,” short for “Red October.” Rocra uses a number of security vulnerabilities in Microsoft Excel, Word, and PDF documents types to infect PCs, smartphones, and computer networking equipment. On Tuesday researchers discovered the malware platform also uses Web-based Java exploits.
It’s not clear who is behind the attacks, but Rocra uses at least three publicly known exploits originally created by Chinese hackers. Rocra’s programming, however, appears to be from a separate group of Russian-speaking operatives, according to the report from Kaspersky Lab.
The attacks are ongoing and targeted at high-level institutions in what are known as spear-phishing attacks. Kaspersky estimates that the Red October attacks have likely obtained hundreds of terabytes of data in the time it has been operational, which could be as early as May 2007.
Rocra infections were discovered in more than 300 countries between 2011 and 2012, based on information from Kaspersky’s antivirus products. Affected countries were primarily former members of the U.S.S.R., including Russia (35 infections), Kazakhstan (21), and Azerbaijan (15).
Other countries with a high number of infections include Belgium (15), India (14), Afghanistan (10), and Armenia (10). Six infections were uncovered at embassies located in the United States. Because these numbers came only from machines using Kaspersky software, the real number of infections could be much higher.
Take it all
Kaspersky said the malware used in Rocra can steal data from PC workstations and smartphones connected to PCs including the iPhone, Nokia, and Windows Mobile handsets. Rocra can acquire network configuration information from Cisco-branded equipment, and grab files from removable disk drives including deleted data.
The malware platform can also steal e-mail messages and attachments, record all keystrokes of an infected machine, take screenshots, and grab browsing history from Chrome, Firefox, Internet Explorer, and Opera Web browsers. As if that wasn’t enough, Rocra also grabs files stored on local network FTP servers and can replicate itself across a local network.
Par for the course
Despite being unimpressed by its technical capacity, F-Secure says the Red October attacks are interesting because of the length of time Rocra has been active and the scale of the espionage undertaken by a single group. “However,” F-Secure added, “the sad truth is that companies and governments are constantly under similar attacks from many different sources.”
Stolen data can include everyday file types such as plain text, rich text, Word, and Excel, but the Red October attacks also go after cryptographic data such as PGP- and GPG-encrypted files.
In addition, Rocra looks for files that use “Acid Cryptofile” extensions. Acid Cryptofile is cryptographic software used by governments and organizations including the European Union and the North Atlantic Treaty Organization. It’s not clear whether the people behind Rocra are capable of deciphering any encrypted data they obtain.
Rocra is also particularly resistant to interference from law enforcement, according to Kaspersky. If the campaign’s command-and-control servers were shut down, the hackers have designed the system so they can regain control over their malware platform with a simple e-mail.
One of Rocra’s components searches for any incoming PDF or Office document that contains executable code and is flagged with special metadata tags. The document will pass all security checks, Kaspersky says, but once it’s downloaded and opened, Rocra can start a malicious application attached to the document and continue feeding data to the bad guys. Using this trick, all the hackers have to do is set up some new servers and e-mail malicious documents to previous victims to get back in business.
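A defender-side triage for the kind of attachment described above, as an added example that is not from Kaspersky's report or the original article: it flags PDF and Office files that carry an unencoded Windows executable (PE) image. The metadata tags Rocra looks for are not given here, so the check keys only on the embedded executable; the function names, the `e_lfanew` bound and the sample bytes are constructed for illustration.

```python
import io
import struct
import zipfile

# Leading magic bytes of the document containers the article names.
MAGICS = {
    b"%PDF-": "pdf",
    bytes.fromhex("d0cf11e0a1b11ae1"): "ole",  # legacy .doc/.xls
    b"PK\x03\x04": "ooxml",                    # .docx/.xlsx (ZIP)
}


def doc_kind(data):
    """Classify a document by its leading magic bytes, or None."""
    return next((k for m, k in MAGICS.items() if data.startswith(m)), None)


def pe_offsets(data):
    """Offsets where 'MZ' has an e_lfanew field pointing at 'PE\\0\\0'."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            if e_lfanew < 0x1000 and data[sig:sig + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def triage(name, data):
    """Return (kind, findings); each finding is 'location@offset'."""
    kind = doc_kind(data)
    if kind is None:
        return None, []
    findings = [f"{name}@{o}" for o in pe_offsets(data)]
    if kind == "ooxml":  # parts are deflated, so scan each one inflated
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for part in zf.namelist():
                    findings += [f"{part}@{o}" for o in pe_offsets(zf.read(part))]
        except zipfile.BadZipFile:
            findings.append(f"{name}@unreadable-zip")  # worth a manual look
    return kind, findings


# Constructed sample: a 68-byte stub holding only the two PE signatures.
STUB = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
SAMPLE_PDF = b"%PDF-1.4\n" + STUB + b"\n%%EOF\n"
```

An encoded or encrypted payload will not match, so an empty result only rules out the plainest case and does not clear the file.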
Rocra’s servers are set up as a series of proxies (servers hiding behind other servers), which makes it much harder to discover the source of the attacks. Kaspersky says the complexity of Rocra’s infrastructure rivals that of the Flame malware, which was also used to infect PCs and steal sensitive data. There is no known connection between Rocra, Flame, or malware such as Duqu, which was built on code similar to Stuxnet.
As noted by F-Secure, the Red October attacks don’t appear to be doing anything particularly new, but the amount of time this malware campaign has been in the wild is impressive. Similar to other cyber espionage campaigns such as Flame, Red October relies on duping users into downloading and opening malicious files or visiting malicious websites where code can be injected into their devices. This suggests that while computer espionage may be on the rise, the basics of computer security can go a long way to prevent these attacks.
Take precautions
Being wary of files from unknown senders, and watching out for files that are out of character for their purported sender, is a good start. It’s also useful to be wary of visiting websites you don’t know or trust, especially when using corporate equipment. Finally, make sure you have all the latest security updates for your version of Windows, and seriously consider turning off Java unless you absolutely need it. You may not be able to prevent all manner of attacks, but adhering to basic security practices can protect you from many bad actors online.
Kaspersky says it’s not clear if the Red October attacks are the work of a nation state or criminals looking to sell sensitive data on the black market. The security company plans to release more information about Rocra in the coming days.
If you’re concerned about whether any of your systems are affected by Rocra, F-Secure says its antivirus software can detect the currently known exploits used in the Red October attacks. Kaspersky’s antivirus software can also detect threats from Rocra.