
A new strain of malware is on the loose, targeting enterprise systems, Microsoft has warned. Known as PonyFinal, the malware infiltrates systems through human-operated attacks and demands a ransom at a time when its operators believe the victim is most likely to pay.

Microsoft took to Twitter to reveal details about the Java-based malware.

Being human-operated, PonyFinal relies on hackers breaching the enterprise systems and deploying it themselves. This contrasts with most malware, which relies on social engineering techniques such as phishing.

According to Microsoft, the hackers target a company’s systems management server. They infiltrate it through brute-force techniques. They then deploy the malware, stealing local data and deploying “a remote manipulator system to bypass event logging.” Since it’s Java-based, it excels in systems that rely on Java Runtime Environment. However, in systems where JRE isn’t installed, the malware has been observed to install it.

Another thing that sets this malware apart is the ability of the hackers to buy time to ensure maximum gains. According to the researchers, in some instances, the hackers infiltrate a system but don’t encrypt the data. They wait for a time when they believe the victim is in a better financial position, then encrypt the data and demand a ransom.

This unique approach seems to be catching on of late. In April, Microsoft observed that a number of malware deployments had gone live all at once in the first two weeks of the month, indicating that they had already infiltrated the systems but had been biding their time.

PonyFinal emerged in early 2020, according to security expert Michael Gillespie. In five months, it has attacked only a small number of targets. This, according to Gillespie, proves that the hackers are conducting targeted attacks.

The victims have been in the U.S., India and Iran, he revealed.

According to Microsoft, PonyFinal has not spared the health sector, even as the weight of the COVID-19 pandemic bears down on the sector. This is in contrast to some other infamous hacking groups, such as the CLOP ransomware and the DoppelPaymer ransomware gangs, which pledged to cease attacking health systems for as long as the coronavirus pandemic goes on.
