Tech 31 July 2018

Dennis Wafula

New cryptojacking malware PowerGhost targets corporate networks

Security company Kaspersky Lab has discovered new malware that uses business computers and servers to mine cryptocurrencies.

The malware, dubbed PowerGhost, has the ability to embed itself undetected in a system and spread across networks. According to Kaspersky, the cryptojacking malware starts by infecting one machine and then spreads to all workstations and servers connected to an organization’s local area network.

The malware is a combination of a PowerShell script, which contains add-on modules that perform the mining tasks, and EternalBlue, which helps the malware spread across the network unnoticed. This combination, according to Kaspersky experts, makes it very hard to detect PowerGhost in any network. And because it’s not stored on a hard drive, the malware can operate undetected for a long period of time.

The malware begins to work by using exploits or administration tools such as Windows Management Instrumentation. It inserts itself and slowly begins to execute its commands. The malware is designed to use power from the networks to mine cryptocurrencies, which are sent to the attacker’s wallet. The higher the number of infected machines, the higher the profits it generates, according to security experts. During the mining process, the attackers can compromise the infected network to make as much money as they possibly can. Apart from mining, the malware can steal important information from the infected devices.

According to the Kaspersky report, several networks in India, Colombia, Brazil, Turkey and parts of North America and Europe have fallen victim to PowerGhost. Kaspersky also discovered that the malware could be used for conducting DDoS attacks, allowing the perpetrators to earn more income.

“PowerGhost raises new concerns about crypto-mining software. The miner we examined indicates that targeting consumers is not enough for cybercriminals anymore—threat actors are now turning their attention to enterprises too. Crypto-currency mining is set to become a huge threat to the business community,” said David Emm, principal security researcher at Kaspersky Lab.
