One set of malware is bad enough for most organizations to deal with, but what should they do when they’re hit with two sets at once?
Hackers are constantly trying to breach the defenses of PC users, but it’s not easy for them to succeed. Defenses are constantly improving and PC users are becoming more technically minded when it comes to hacking. Attacks, therefore, need to be cleverer and more aggressive for hackers to succeed. And one of the newest threats to PC defenses is a combined attack which teams up multiple forms of malware to pack a devastating punch.
In particular, reports are coming in that hackers are combining the data miner Vidar with the GandCrab ransomware to maximize their chances of success. And it’s bearing fruit for the hackers, so it’s crucial that you understand the risk.
The Double Whammy of Vidar and GandCrab
The combined attack of Vidar and GandCrab was identified by Malwarebytes Labs, who observed that the hack first installs Vidar and then proceeds to strengthen the attack with GandCrab. Using malicious advertising software, the hackers expose users to an exploit kit (usually Fallout) which targets vulnerabilities in specific apps. Once this exploit kit has been executed, Vidar is installed on the infected PC and proceeds to mine user data such as communications, digital wallet info and login details.
This attack is bad enough, but for the victim things are about to get worse, as Vidar is capable of downloading additional malware. Using a command and control center to receive and transmit data, Vidar will, after a minute of its own installation, download and execute the GandCrab ransomware. It’s true that ransomware has, to a degree, fallen out of favor with hackers over the last year, but it still has the potential to cause severe disruption for organizations. Encrypting files and then demanding a ransom will stifle the productivity of any organization affected, even if backup copies are available.
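The two-stage chain described above leaves a recognizable trail in endpoint logs: a browser spawns a program from a user-writable folder, and that program soon writes and launches a second executable. The following detection sketch is an added example, not code from Malwarebytes Labs or this article; the event layout, process names, paths and time window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Assumed parent process names for the two products the article names.
BROWSER_PARENTS = {"iexplore.exe", "flashutil_activex.exe"}
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\")
WINDOW = timedelta(minutes=5)  # assumed; the article reports about a minute

IE = r"c:\program files\internet explorer\iexplore.exe"
S1 = r"c:\users\a\appdata\local\temp\stage1.exe"
S2 = r"c:\programdata\stage2.exe"
SETUP = r"c:\users\b\appdata\local\temp\setup.exe"
TOOL = r"c:\programdata\tool.exe"

# Constructed events, paths already lowercased:
# (host, time, type, acting process, target)
EVENTS = [
    ("pc-01", "2019-01-07T10:00:00", "process_start", IE, S1),
    ("pc-01", "2019-01-07T10:01:02", "file_write", S1, S2),
    ("pc-01", "2019-01-07T10:01:05", "process_start", S1, S2),
    # Benign: browser starts an installed program outside user-writable paths.
    ("pc-02", "2019-01-07T11:00:00", "process_start", IE,
     r"c:\program files\viewer\viewer.exe"),
    # Benign: installer started by the user from the desktop shell.
    ("pc-03", "2019-01-07T12:00:00", "process_start",
     r"c:\windows\explorer.exe", SETUP),
    ("pc-03", "2019-01-07T12:00:30", "file_write", SETUP, TOOL),
    ("pc-03", "2019-01-07T12:00:40", "process_start", SETUP, TOOL),
]

def find_staged_loaders(events, window=WINDOW):
    """Return (host, first_stage, second_stage) for each suspicious chain."""
    findings, stage1, written = [], {}, set()
    for host, ts, kind, actor, target in sorted(events, key=lambda e: e[1]):
        t = datetime.fromisoformat(ts)
        parent = actor.rsplit("\\", 1)[-1]
        if kind == "process_start":
            if parent in BROWSER_PARENTS and any(p in target for p in USER_WRITABLE):
                stage1[(host, target)] = t      # browser-spawned dropper
            elif (host, actor, target) in written:
                if t - stage1[(host, actor)] <= window:
                    findings.append((host, actor, target))
        elif kind == "file_write" and (host, actor) in stage1:
            if target.endswith(".exe"):
                written.add((host, actor, target))
    return findings

if __name__ == "__main__":
    for hit in find_staged_loaders(EVENTS):
        print("possible staged loader:", hit)
```

Only the pc-01 chain is flagged; the two benign sequences fail either the browser-parent test or the user-writable-path test.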
Protecting Your Organization from Vidar and GandCrab
It’s clear to see that the two-headed attack of Vidar and GandCrab is particularly nasty and one to watch out for. In order to understand how to protect your organization from this threat, you need to understand how this attack is able to take place. As ever, that age-old favorite of unpatched software is squarely to blame and, on this occasion, it’s Adobe’s Flash Player and Microsoft’s Internet Explorer.
Anti-malware software is now capable of detecting Vidar when it’s found within your PC, but the easiest option for any organization is to avoid allowing it access in the first place. One of the keenest security practices to adhere to is the installation of software patches as soon as they become available. Sadly, this task is often superseded by more immediate, pressing matters and this grants hackers more time to detect and exploit these vulnerabilities. However, with what is usually just a few clicks of a mouse, protection from potential security threats can be implemented by immediately installing patches.
For more ways to secure and optimize your business technology, contact your local IT professionals.