October has seen most ghoulish cyber attacks ever, says McAfee

Ghostcat Malware hijacks mobile browsing information

October 30, 2019 09:44 pm | Updated 09:44 pm IST - Bengaluru

FILE - This file photograph taken Oct. 30, 2007 shows the exterior of security software maker McAfee Inc. headquarters in Santa Clara, Calif. Chip maker Intel said Thursday, Aug. 19, 2010, it has agreed to buy computer-security software maker McAfee Inc. for $7.68 billion, or $48 per share. (AP Photo/Paul Sakuma, file)

FILE - This file photograph taken Oct. 30, 2007 shows the exterior of security software maker McAfee Inc. headquarters in Santa Clara, Calif. Chip maker Intel said Thursday, Aug. 19, 2010, it has agreed to buy computer-security software maker McAfee Inc. for $7.68 billion, or $48 per share. (AP Photo/Paul Sakuma, file)

October has seen the reporting of the most ghoulish cyberattacks and cyberscares so far. The month has brought a variety of spooky cyberthreats, from malicious malware to restricting ransom ware that haunted networks and devices of governments, enterprises and individuals around the globe, according to U.S. global computer security software company McAfee.

Raj Samani, Chief Scientist and McAfee Fellow, said October had brought a range of cyberthreats known by ‘spooky’ names, given that Halloween is around the corner. The month has seen Ghostcat Malware haunting consumers. The ‘infection’ begins when a user visits a particular website and is served a malicious advertisement. Ghostcat fingerprints the browser to collect device information and eventually leads the user to malicious content. The malware, whose goal is to hijack a user’s mobile browsing information, had recently caused some panic on the Internet.

Cyber criminals have also manipulated WAV (waveform) audio files to spread malware and cryptominers. By using a technique called stenography, malware authors can hide malicious code inside of a file that appears normal, which allows hackers to bypass security software and firewalls.

Previously, hackers have used stenography revolving around image file formats like PNG or JPEG. However, these crooks have now upped the ante by using WAV audio files to hide different types of malware. Most recently, researchers found that this technique is used to hide DLLs, or dynamic link libraries that contain code and data that can be used by more than one programme at the same time, said a cyber security advisory released by McAfee.

Then there is this mysterious MedusaLocker ransomware, a threat that is slithering its way into users’ devices, encrypting files until the victim purchases a decryptor.

This strain will perform various startup routines to prep the victim’s device for encryption. Additionally, it will ensure that Windows networking is running and mapped network drives are accessible. Then, it will shut down security programmes, clear data duplicates so they can’t be used to restore files, remove backups made with Windows backup, and disable the Windows automatic startup repair. For each folder that contains an encrypted file, MedusaLocker creates a ransom note with two email addresses to contact for payment.

‘Remain cautious’

“Consumers should approach unknown links with caution and remain wary of suspicious pop-ups, seasonal or otherwise. With many threats, such as Ghostcat, targeting mobile devices, you must ensure your mobile device is protected by your cybersecurity solution,” cautioned Gary Davis, chief consumer security evangelist, McAfee. Netizens are also asked to be selective about websites they visit. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site, Mr. Davis added.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.