Communications of the ACM
Newly-Wormable Windows Botnet Ballooning in Size
Researchers say a botnet targeting Windows devices is rapidly growing, thanks to a new infection technique that allows the malware to spread from computer to computer.
Credit: Bryce Durbin/TechCrunch
Amit Serper and Ophir Harpaz at Israeli security firm Guardicore say a botnet targeting Windows devices is expanding, due to a new infection method that lets malware spread between computers with weak passwords.
The Purple Fox malware attempts to guess Windows user account passwords by targeting the server message block that allows Windows to communicate with other devices.
Upon infiltration, Purple Fox pulls a malicious payload from a network of nearly 2,000 compromised Windows Web servers and installs a rootkit, keeping the malware latched on to the computer while complicating its detection or removal.
It then seals the firewall ports through which it gained access, and produces a list of Internet addresses and scans the Internet for other targets.
Guardicore said Purple Fox infections have soared 600% since May 2020.
From TechCrunch
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found