October has seen most ghoulish cyber attacks ever, says McAfee

Ghostcat Malware hijacks mobile browsing information

Published - October 30, 2019 09:44 pm IST - Bengaluru

FILE - This file photograph taken Oct. 30, 2007 shows the exterior of security software maker McAfee Inc. headquarters in Santa Clara, Calif. Chip maker Intel said Thursday, Aug. 19, 2010, it has agreed to buy computer-security software maker McAfee Inc. for $7.68 billion, or $48 per share. (AP Photo/Paul Sakuma, file)

October has seen the reporting of the most ghoulish cyberattacks and cyberscares so far. The month has brought a variety of spooky cyberthreats, from malicious malware to restricting ransomware, that haunted the networks and devices of governments, enterprises and individuals around the globe, according to U.S. global computer security software company McAfee.

Raj Samani, Chief Scientist and McAfee Fellow, said October had brought a range of cyberthreats known by ‘spooky’ names, given that Halloween is around the corner. The month has seen Ghostcat Malware haunting consumers. The ‘infection’ begins when a user visits a particular website and is served a malicious advertisement. Ghostcat fingerprints the browser to collect device information and eventually leads the user to malicious content. The malware, whose goal is to hijack a user’s mobile browsing information, had recently caused some panic on the Internet.

Cyber criminals have also manipulated WAV (waveform) audio files to spread malware and cryptominers. By using a technique called steganography, malware authors can hide malicious code inside a file that appears normal, which allows hackers to bypass security software and firewalls.

Previously, hackers have used steganography revolving around image file formats like PNG or JPEG. However, these crooks have now upped the ante by using WAV audio files to hide different types of malware. Most recently, researchers found that this technique is used to hide DLLs, or dynamic link libraries that contain code and data that can be used by more than one programme at the same time, said a cyber security advisory released by McAfee.

Then there is this mysterious MedusaLocker ransomware, a threat that is slithering its way into users’ devices, encrypting files until the victim purchases a decryptor.

This strain will perform various startup routines to prep the victim’s device for encryption. Additionally, it will ensure that Windows networking is running and mapped network drives are accessible. Then, it will shut down security programmes, clear data duplicates so they can’t be used to restore files, remove backups made with Windows backup, and disable the Windows automatic startup repair. For each folder that contains an encrypted file, MedusaLocker creates a ransom note with two email addresses to contact for payment.

‘Remain cautious’

“Consumers should approach unknown links with caution and remain wary of suspicious pop-ups, seasonal or otherwise. With many threats, such as Ghostcat, targeting mobile devices, you must ensure your mobile device is protected by your cybersecurity solution,” cautioned Gary Davis, chief consumer security evangelist, McAfee. Netizens are also asked to be selective about websites they visit. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site, Mr. Davis added.
