Kaspersky Uncovers 'StripedFly', Malware With Sophisticated Code, Espionage Capabilities
PHUKET, Oct 26 (Bernama) -- The Kaspersky Global Research and Analysis Team (GReAT) has uncovered StripedFly, a highly sophisticated malware with a multi-functional wormable framework.
The malware, initially misclassified as a cryptocurrency miner, has been making its way across the globe since 2017, affecting over a million users to date.
Kaspersky GReAT principal security researcher Sergey Lozhkin noted that in 2022, Kaspersky's GReAT encountered two unexpected detections within the Wininit.exe process, a system process in Microsoft Windows operating systems. The detections were triggered by code sequences that were earlier observed in the Equation malware.
“After conducting a comprehensive examination of the issue, it was discovered that the cryptocurrency miner was merely a component of a much larger entity – a complex, multi-platform, multi-plugin malicious framework.
“The malware payload encompasses multiple modules, enabling the actor to perform as an advanced persistent threat (APT), as a crypto miner, and even as a ransomware group, potentially expanding its motives from financial gain to espionage,” he said during the Kaspersky Security Analyst Summit (SAS) 2023, here today.
According to Lozhkin, the attacker behind this operation has acquired extensive capabilities to clandestinely spy on victims.
"The malware harvests credentials every two hours, pilfering sensitive data such as site and Wi-Fi login credentials, along with personal data such as name, address, phone number, company, and job title.
"Furthermore, the malware can capture screenshots on the victim's device without detection, gain significant control over the machine, and even record microphone input," he added.
Lozhkin noted that the amount of effort invested in creating this framework is truly remarkable, and its unveiling was quite astonishing.
“Threat actors’ ability to adapt and evolve is a constant challenge, which is why it is so important for us as researchers to continue to dedicate our efforts to uncovering and disseminating sophisticated cyberthreats, and for customers not to forget about comprehensive protection,” he said.
The Kaspersky SAS 2023 features a lineup of esteemed speakers delving into the most pertinent cybersecurity issues, from supply chain to crimeware and APT campaigns.
Held from Oct 25-28, the summit aims to address the most pressing issues and innovations in the cybersecurity realm -- the challenges and solutions in digitising traditional protective emblems, and the exploration of large language models in the fight against phishing.
-- BERNAMA