Tech 31 July 2018

Dennis Wafula

New cryptojacking malware PowerGhost targets corporate networks

Security company Kaspersky Lab has discovered a new malware that uses business computers and servers to mine cryptocurrencies.

The malware, dubbed PowerGhost, has the ability to embed itself undetected in a system and spread across networks. According to Kaspersky, the cryptojacking malware starts by infecting one machine and then spreads to all workstations and servers connected to an organization’s local area network.

The malware is a combination of PowerShell script, which contains add-on modules that perform the mining tasks, and EternalBlue, which helps the malware spread across the network unnoticed. This combination, according to Kaspersky experts, makes it very hard to detect PowerGhost in any network. And because it’s not stored on a hard drive, the malware can operate undetected for a long period of time.

The malware begins to work by using exploits or administration tools such as Windows Management Instrumentation. It inserts itself and slowly begins to execute its commands. The malware is designed to use power from the networks to mine cryptocurrencies, which are sent to the attacker’s wallet. The higher the number of infected machines, the higher the profits it generates, according to security experts. During the mining process, the attackers can compromise the infected network so as to get as much money as they can possibly make. Apart from mining, the malware can steal important information from the infected devices.

According to the Kaspersky report, several networks in India, Columbia, Brazil, Turkey and parts of North America and Europe have fallen victim to PowerGhost. Kaspersky also discovered that the malware could also be used for conducting DDoS attacks, allowing the perpetrators to earn more income.

“PowerGhost raises new concerns about crypto-mining software. The miner we examined indicates that targeting consumers is not enough for cybercriminals anymore—threat actors are now turning their attention to enterprises too. Crypto-currency mining is set to become a huge threat to the business community,” said David Emm, principal security researcher at Kaspersky Lab.

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

Pakistan eyes blockchain for digitalization of government processes

Tech 18 April 2019

Pakistan eyes blockchain for digitalization of government processes

A meeting chaired by Pakistan Prime Minister Imran Khan discussed ways in which technologies such as blockchain could be used to ensure efficiency of government processes.

Read More
Accenture, Generali taps blockchain for employee benefits

Tech 18 April 2019

Accenture, Generali taps blockchain for employee benefits

Global management consulting firm Accenture has teamed up with Generali Employee Benefits to develop what they referred to as a unique employee benefits system powered by blockchain.

Read More
Bitcoin SV and the roadmap to Genesis

Tech 17 April 2019

Bitcoin SV and the roadmap to Genesis

Coming soon will be a network upgrade called Quasar, which is currently scheduled for July 24 and centers on increased scaling capabilities.

Read More