Active Stocks
Fri Sep 29 2023 15:59:14
  1. Tata Steel share price
  2. 129 1.78%
  1. NTPC share price
  2. 245.65 3.3%
  1. Power Grid Corporation Of India share price
  2. 199.85 -0.45%
  1. State Bank Of India share price
  2. 598.7 1.48%
  1. Wipro share price
  2. 406.25 0.11%
Business News/ Technology / Apps/  Malware attacks: Risks now come in new ways, even latching on to anti-viruses

Malware attacks: Risks now come in new ways, even latching on to anti-viruses

The ever-evolving nature of malware attacks is putting users and their data in a precarious position. Some of them use anti-virus apps to attack users

Cyber criminals keep coming with new ways to target users. Photo: istockphotoPremium
Cyber criminals keep coming with new ways to target users. Photo: istockphoto

Security has been a major source of concern for PC users this year. Malwares such as Petya and WannaCry brought many organisations to a standstill for several days. WannaCry went on to affect 230,000 devices in 150 countries, while Petya affected over 2,000 organisations across the globe. The constantly-evolving nature of malwares makes containing them harder. Cyber criminals keep coming with new ways to target users. Both these examples hint at new types of malware, the risks they pose and how one can avoid them.

Locky ransomware

Computer Emergency Response Team (CERT), a security agency under the ministry of electronics and IT (MeitY), has issued a warning about an evolved version of Locky ransomware that is using spam emails to target users. US-based security firm App River, which detected it first, points out that 23 million spam emails with Locky ransomware hidden in a zip file have been sent to users in the US in a time span of 24 hours last week. Once the file is clicked, the ransomware is installed and the infected computer is locked. Users are then asked to pay a ransom of 0.5 bitcoin (which amounts to $2,300) to decrypt the PC.

According to CERT, users should be more careful while checking new emails and should not click on any suspicious links or attachments. Users can also use anti-spam solutions to identify and block spam mails.

Ehdoor backdoor

Security solutions company Symantec has come across a new spyware targeted at Indian users. The spyware opens a backdoor to install malware on users’ computer. Once installed, the malware can upload/download files, carry out backdoor processes, capture keystrokes, take screenshots and steal personal information on the compromised device without users’ consent or knowledge. Users should run full system scans regularly to ensure no new malware can go undetected. The spyware is being spread through web browsers. To ensure attackers are not able to exploit vulnerabilities in the browsers, users should rely on auto update or software distribution tools to install patches as soon as they are released.

Double Agent Attack

First reported by Israeli cyber security firm Cybellum, this malware targets the very anti-virus solution users are counting on to protect their device. It exploits a legitimate feature of Windows OS called Microsoft Application Verifier which is used as a runtime verification tool to discover and fix bugs in applications on the device. A hacker can use this tool to add a custom verifier on the app and take full control over it, even if it is an anti-virus app. According to Cybellum, anti-virus solutions such as Avast, AVG, Bitdefender, Trend Micro and Avira were vulnerable to the attack.

What makes it even more dangerous is that it doesn’t have to disable the antivirus. It can continue to spy on the user, steal data or lock the device for ransom even with the anti-virus active. After the issue was reported by Cybellum, several anti-virus companies came up with security patches. Users should always use reliable anti-virus solutions instead of going with the cheapest available option.

"Exciting news! Mint is now on WhatsApp Channels 🚀 Subscribe today by clicking the link and stay updated with the latest financial insights!" Click here!

Abhijit Ahaskar
Abhijit writes on tech policy, gaming, security, AI, robotics, electronics and startups. He has been in the media industry for over 12 years.
Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Updated: 04 Sep 2017, 03:34 PM IST
Next Story
Recommended For You
Switch to the Mint app for fast and personalized news - Get App