Anti-malware tools provide a firm level of defense against hackers, but what happens when the malware can bypass detection tools?
Around 300,000 new pieces of malware are created daily, so it’s important that we can protect ourselves against this constant threat. Anti-malware tools such as Kaspersky and even in-built Windows security systems are crucial for providing this protection. Accordingly, you should find that your systems remain protected for most of the time. However, hackers are industrious individuals and are constantly looking to evolve their techniques. As a result of this ongoing adaptation, it appears that hackers have found a way around current detection methods.
The threat comes in the form of the OpenSUpdater and is one that you need to take seriously.
What is OpenSUpdater?
Digital signatures are used online to demonstrate that code is legitimate and accepted by Windows security checks. They are an important part of online security, but this has made them a viable target for hackers. In the case of OpenSUpdater, their online code samples are carrying manipulated security certificates which, despite these manipulations, are passed as authentic by Windows. More importantly, security tools which use OpenSSL decoding are unable to detect these malicious changes.
OpenSUpdater is free to bypass security measures and avoid being labelled as malware which is quarantined and deleted. The malware’s main method of attack is through riskware campaigns. This involves injecting malicious ads into the browsers of those infected and downloading further malware. The majority of targets so far have been found in the US and the malware typically bundled in with illegal downloads such as cracked software.
How Can You Protect Against OpenSUpdater?
This latest malware threat was detected by Google’s security researchers and has since been reported to Microsoft. A specific fix has not been announced yet, but hopefully something will be implemented shortly. In the meantime, however, it’s vital that you take steps to protect yourself. In particular, make sure you focus on the following:
- Minimize User Privileges: There’s no real need for employees to be downloading software onto their workstations. All the tools they need should be readily available. However, some employees are likely to be tempted by things they see online, particularly the promise of quick fixes. The best way to reduce the risk of downloading malware is by eliminating download privileges for all but the IT team.
- Educate on Phishing Techniques: Phishing is a dangerous hacking technique which uses email to push social engineering attacks. By instilling a threat of urgency to act upon an email’s call to action – such as ‘click here to download a vital security tool’ – hackers are able to deceive victims into downloading all kinds of malware. Thankfully, through continued training, your employees should be able to recognize phishing emails quickly and hit the delete button even quicker.
- Do Not Abandon Detection Tools: Despite the ability of OpenSUpdater to bypass detection tools, this does not mean that these tools should be resigned to the scrapheap. They still play an essential role in providing digital security options and should remain in place.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More